> stored in our database which was not compromised Personally I don't really agree with &q...

KomoD • last Sunday at 3:29 PM • 1 reply • view on HN

> stored in our database which was not compromised

Personally I don't really agree with "was not compromised"

You say yourself that the guy had access to your secrets and AWS, I'd definitely consider that compromised even if the guy (to your knowledge) didn't read anything from the database. Assume breach if access was possible.

Replies

nsonha • last Sunday at 3:45 PM

There are logs for accessing aws resources and if you don't see the access before you revoke it then the data is safe

➕ show 3 replies

alt Hacker News

Replies