The same threat actor has leaked larger amounts of data from LinkedIn dated 2023. They claim this new data contains 35M lines and is 12 GB uncompressed.

    • kungen@feddit.nu
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      well with PGP, the header is unencrypted

      Is there a single large company that even sends PGP email?

      logging into example.com with the user’s email and that 2fa code is going to be a breeze

      Sure, IF 1. you already have the user’s password, and 2. a new code wouldn’t be required/the previous code invalidated when initiating a new login session?

      Like, I’m not saying that 2FA codes via email is secure, but you’re implying that they are making a security hole via this - which I don’t see.

        • brothershamus@kbin.social
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          I used it. For about 10 minutes. Then I read the help files. Then I searched. Then I used it some more. Then I uninstalled it.

      • locuester@lemmy.zip
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        Yeah not following the logic. 2FA via email is insecure. Doesn’t matter where in the email. That person is confused about something.