As the dust settles around Uber’s recent data breach, the internet will likely begin to point fingers at those who they deem responsible for the attack, which allegedly occurred through a social engineering scam targeting Uber employees’ credentials.
But playing the blame game — whether it’s directed at specific Uber security controls, employees or even the company itself — is pointless in an industry where time would be better spent learning lessons, applying mitigations, and sharing for awareness rather than spewing ‘shoulda woulda coulda’ criticisms.