Hacker News new | past | comments | ask | show | jobs | submit login

>How much ripping would HN impose on one of these institutions if they attempted a 100% best practices secure password upgrade and then subsequently had a complete IT disaster unfold (I can certainly link articles).

I'm definitely interested in examples of this




Here is one recent example I just dug up:

https://www.itnews.com.au/news/massive-cba-outage-traced-to-...

Not specifically related to password security upgrade, but it illustrates the impact of a bank's IT systems going down. Being able to run a credit card transaction and receive your paycheck is fundamental to the fabric of our society. When these processes are disrupted, people get very anxious and things start to fall apart rapidly. When is the last time you insert your card into the reader and thought "I sure hope this works"?


On the other hand, malicious actors have been remotely draining banks, especially small banks, remotely due to their poor IT practices.

So a bank system that is "up but insecure" is only a recipe to be horribly hacked later.

I rather my bank be down for a few hours and come back online with my money intact than be hacked and drained and but online.


TSB had a major IT meltdown when it tried to migrate to a different core banking system: https://www.independent.co.uk/news/business/news/tsb-it-fail...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: