Yes, if you accidentally push grandma and her wheelchair over a cliff you probably wouldn’t refer to it as “a recent family incident”. In particular the fourth word, a single letter ‘a’, immediately got my back up. The vagueness and defensiveness of the whole post feels very dismissive and inhuman.

”Out of transparency and our desire to share with our community…” also reminds me when I get a refund that is prefixed with ”as a one-time gesture of goodwill…” instead of ”sorry, we made a mistake”.

Yes, the OpenAI disclosure about the same incident is much better https://openai.com/index/mixpanel-incident/

It makes you wonder if Mixpanel would have disclosed this if not for OpenAI more or less forcing them to.

I got a much more informative disclosure the day before from Open AI.

Announcing the breach on Thanksgiving day was also certainty calculated.

Also, I had never heard the word "smishing" before. I don't get what's different from "normal" phishing.

but they registered the IOCs in their SIEM platform, so no way this will happen again

Related, Gainsight - some other customer analytics thing - was also breached. See here:

https://news.ycombinator.com/item?id=46071239

And it looks like many companies got affected because their data was stolen via gainsight. The hackers said they plan to ask the companies for ransoms.

Expect the worst.