At least they were faster than Yahoo who felt the need of confirming a similar hack 3 years later.
these comments on the article are great.
On a more serious note, while it's great that they didn't take as long as yahoo, let's not confuse love of the company with what they did being okay. They didn't release knowledge that a breach might've occurred until several month after it had, and used an outdated and exploitable hashing algorithim (which was considered unsuitable for use since 2010). While I understand not wanting to raise false flags and the root issue of breaches being password reuse, they still have a duty to inform customers if they had enough suspicion to actually look into the possibility. Forcing a password change is never a bad thing, tbh. CD Projekt are cool dudes but any data breach is pretty much unacceptable when they were using outdated, broken protections.
Sorry, you need to Log In to post a reply to this thread.