> There shouldn't be any coming back from this. There are failures on multiple levels here & CircleCI demonstrated no one should keep any sensitive data with them.
Are other companies any better? It seems like now it’s assumed that all of these companies will eventually be hacked, so if you use them you need to have systems in place to mitigate damage. And if you don’t use them then you need to have mitigation strats anyway. Basically either way you’re screwed.
Not necessarily. Yes, it can be hard to fight off dedicated hackers, but it shouldn’t be that easy. I know it’s easy to judge them when we’re not in their shoes, but one compromised employee shouldn’t be able to produce these results. There weren’t even proper key management protocols in place here. I can set up a production-ready Vault (HashiCorp) cluster (with decentralized key shares) in a weekend and exercise better OPSEC than them. That’s actually disappointing.
Using Vault isn't going to make this impossible. The secrets still end up somewhere on a host in an env var. People still get permission at some point to read from Vault. Combine enough parts of the puzzle and you can find cracks in the system.