So Sage the famed accountancy and payroll software company have had a data breach involving up to 280 of its clients. So whats so wrong about this. The big thing here is that it appeaars to be caused by an incorrectly secured user account internal to Sage. This is horrific in this day and age. Sage are a worldwide firm, even if there software is a bit marmite. So could they get a simple basic such as securing an internal login account so wrong? I am horrified by this and if I were an employee of one of the 280 clients have had their data leaked I can assure you I would be at their HQ first thing demanding hard answers to very difficult questions. A complex attack is one thing but seems to be so basic to be true. I personally have a love-hate relationship with Sage going back to the very early days of my IT career, when I was supporting and developing against Sage Products, there were good days and days where things were truly awful. In spite of this I really expected better from Sage. This however is a new low and something that could have so easily been prevented. I do hope the ICO come down on them like a ton of bricks.
Wednesday, September 30, 2020