A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬

TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costs

https://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail