Reply to post: overkill?

Transport for London Oyster system pulled offline after credential-stuffing crooks board customers' accounts

gojump

overkill?

was anyone else reading this thinking there is much more to it? Like they have been compromised perhaps.

Mainly because shutting a system down entirely seems a little overkill if they are simply saying that users passwords are being recycled. In my mind you would just update all passwords to random strong passwords and then force people to reset if it was just that. Plus have a security review, not take the whole system down (internally too).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019