On 2020-12-29, Kevin  wrote:
> On 28/12/2020 21:14, bliep@Your.Bathroom wrote to All:
>
> -> It's more likely the owner has not cared about security
> -> for many years and as a result the sites got hacked by
> -> bots. Let's hope the Swedish data protection agency has
> -> mercy on him, or rather not.
>
> It's not always the fault of the site that has the PHP
> script (even though PHP Board software is pretty
> leaky), one of my sites got taken down because another
> user on the cluster had an insecure script on their
> account.  This was also compounded my my ex- webhost
> having pretty shitty security.
>
> From what I understand some actor got root access, so I
> would put that in the hands of their webhost EIG -
> https://en.wikipedia.org/wiki/Endurance_International_Group
>
> -Kevin

Lemon can't talk his way out of what he behaved himself
into.

The blame game doesn't work, since the webhost is in no
way responsible for the PII gathetered and processed by
lemon, nor the protection thereof. Lemon knows that
there are more secure solutions available to store and
process PII. Yet, he chose not to move to more secure
solutions. But, seriously, using a shared webhosting
service to store PII does not favour Lemon and would even
even argue that he is at fault. The GDPR is very clear
about the measures one should take for the protection
of PII.

I'm sure that lemon is taking care of all this together
with the Swedish data protection agency, external
security auditors and his laywers.

--- SoupGate-Win32 v1.05