What a shame
"In order to reduce the possibility of a repeat attack, ConnectWise has added an extra layer of authentication for all users and added shored up security between the SQL clusters and the rest of the environment."
Isn't it too bad that security is such a nuisance ? Only when the miscreants actually get through does anyone accept to actually lock things down the way they should be.
Don't tell me that this "extra layer of authentication" was a genius moment, it was the layer that was lacking in the first place.
Hey, on my home network I don't have much authentication going on either - but I'm only responsible for my personal data, not for thousands upon thousands of clients.
Security - you do it right, or you pay the price. In this case, apparently, they got lucky. That is far from being the usual.