AH-hahahahahahahahaha

Les White

Les White

Less is more
2A Bourbon Hound 2024
2A Bourbon Hound OG
Charter Member
Life Member
Multi-Factor Enabled
Joined
Dec 17, 2016
Messages
9,020
Location
DavieCo
Rating - 100%
23   0   0
So, back in 2012 I started working for Summit Credit Union as their IT manager. I worked there until 2019 when a recently promoted "VP of IT" more or less forced me out. She knew I didn't care for her, knew I knew she was full of shi...stuff, and knew that I knew she was an IT idiot. She believed she was qualified for the job because her autistic son fixed computers for the geek squad....and osmosis or something. She also believed she was mechanically inclined because "she used to watch her daddy change the oil in his car". Whatever. FWIW, this isn't just me being a dick, she really was clueless and I routinely called her bad ideas out as "the technology doesn't work like that", or "that's proprietary software and we can't modify it per our contract", or "yes, we really do need a license for that".

Anyway, got this in the mail today. She's clearly doing a bang up job. Nothing like this ***ever*** happened on my watch, sure we got hit with ransomware occasionally, but the systems I had in place mitigated it swiftly and notified me immediately. Recovery was quick and painless.

Feel free to text them, let them know Krista is doing a bang up job.

😂 😂 😂 😂 😂 😂 😂 😂 😂 😂 😂 😂


scan.jpg

Because this was part of my job Sam and I talked about this often, he dreaded, absolutely dreaded the thought of sending out this letter.
 
Got the same letter today... 😒
 

Attachments

  • 245A00F2-3E7E-4013-BB51-DC5F7B65E41F.jpeg
    245A00F2-3E7E-4013-BB51-DC5F7B65E41F.jpeg
    149.5 KB · Views: 28
Amanda4461 said:
Wonder if they paid anyone off, like Colonial did.🤦🏻‍♂️
Click to expand...

Maybe. They had, when I was there, a pretty beefy insurance policy for this sort of thing. It covers the third party cyber security professionals (clean up crew) they mentioned in the letter, credit monitoring costs, a couple mil for ransom and lawsuits. If I recall the policy was expensive and had a 25k deductible.
 
Last edited:
Les White said:
Maybe. They had, when I was there, a pretty beefy insurance policy for this sort of thing. It covers the third party cyber security professionals (clean up crew) they mentioned in the letter, credit monitoring costs, a couple mil for ransom and lawsuits. If I recall the policy was expensive and had a 25k deductible.
Click to expand...
Your non-buddy will probably get a promotion now. Why? For being diverse, and for “competently assessing the issue and coordinating the return to normal” or some similar line of dark BS. All you gotta know, is white man be doomed. We are gonna get to feel what it’s like to be a minority. Glad I am too old to fall in line🤷🏻‍♂️
 
Les White said:
An insider told me the breech happened over a month ago, and they're just now getting around to letting members know.
Click to expand...
That’s no good. I went back over my accounts. Nothing that shouldn’t be there.
Still though , it’s worrisome that we’re just now finding out about it.
 
two fingers said:
Karma. Hope you landed on your feet. She's not enjoying going to work this week at all.
Click to expand...

Sheiiiiiiit. They'll likely spin it as her doing her job with excellence and give her a promotion.
 
@Les White
Maybe I’ve told this story before…

Working in Italy in the 90’s, I had a meeting with the corporate IT Director. Considering the period, company and sector, we had a rather extensive IT department with a dozen or so code writers and several IBM mainframes. I was trying to explain to the guy my vision of what our global sales force needed.

I wanted each rep carrying a laptop on customer visits. They would create an order and send it to Italy using the internal modem via the internet. The mainframe would verify whether the order rationalized the loading space in ocean containers (we paid the freight so we insisted the containers be stuffed full). We had a system that played in 3D (apparently quite advanced for its time) and then told the loaders precisely how to pack the various different items to fit). The mainframe would then tell the rep what adjustments, if any, were necessary to fill the container. They’d keep going until both the buyer and mainframe were satisfied with the proposed order.

Knowing that the best time to collect past due balances is when a customer wants to place a new order, I wanted the mainframe to query receivables and respond back that the rep needed to collect $xxx before the new order could be processed. Once ready to go, the order would magically appear in the system triggering everything that had to happen (ordering JIT materials, scheduling production capacity, ordering containers, etc.).

He listened fairly attentively, smiled and told me it was interesting but wouldn’t work. Why, I asked.

”Because the internet is an offline system, not real-time”, came his highly educated response.

I asked, if that was so, how was I able to go on the internet, move money from one bank account to another and see the result instantly. Or, place a stock market order and see it execute instantly with the share difference visible in my account.

So much for IT managers. 🤓
 
You can't fix stupid.

When I was working for a large "Data Management" software company.. one of our customers who had a HUGE multi-PB deployment was wanting to write backups to some home grown abomination, which quickly failed during their testing, so they opted for Windows 2012 Storage Pools, despite being told it sucks and has issues (by just about everyone).

That too eventually became too much of a PITA to manage and they uncovered issues with it.

So they ask us.. what do your other large customers use? We start listing off stuff like Isilon, Cisco 3260's, NetApp E-Series, etc. All the "normal" (i.e. non-sucky) stuff.

What'd they go with?

Nothing we had ever heard of. It was the Fisher-Price "my first NAS" solution; and it was deployed on a massive multi-PB scale.

Fast forward a few years.. they would occasionally have issues, but working with their storage vendor, it seemed to work OK for them in the end. Until one day someone did something they shouldn't have on the storage side, and these huge 100TB volumes were showing as corrupt. Whoops. They ended up having to do CHKDSK on them, and that was showing timeframes of WEEKS to complete.

They were looking at pulling stuff out of the back of their storage area in their data centers that hadn't been under support in eons to use as new backup targets, luckily we figured out another solution using some of the same storage system that was not yet in use for another of their environments.

Talk about a nightmare.

The Director who put all this BS in was looking to save money. He ended up getting term'd prior to it all going *poof* though.

Same customer was also trying to push secondary copies to an off-site data center...PB's of data... 1GB link... even with deduplication that wasn't ever going to happen in a timely fashion. Reporting was showing decades of estimated completion.

They were also trying to write tertiary tape copies of PB's of data... using ONLY 16 drives... if you did the math on throughput, you'd see it was a fools effort. Not to mention that these guys would argue about using the right drivers for the tape drives on the servers, and constantly having drives go offline, etc.

Point is, people do stupid things in IT. It happens daily. It makes one wonder how the hell companies are still able to do business when they're pushing for the cheapest, duct tape and bailing wire solution most of the time.
 
SnowRooster said:
Got the same letter today... 😒
Click to expand...


Well, this is interesting. Found an article online dated from 3/29/2021 about the breach. Looks like it was longer than a month before they notified.

"An expert in cybersecurity who for anonymity told CUToday.info the $305-million Summit CU in North Carolina is among the CUs that have been hit with a ransomware attack at the hands of the criminal group REvil. The former $9.7-million St. James Hospital Employees FCU in Olympia Fields, Ill., was allegedly also compromised by RansomExx, the expert stated. St. James Hospital EFCU merged last year into $277-million Illiana Financial CU, based in Calumet City, Ill. The latter credit union, however, is denying any such breach occurred."

Threat is Growing; Response Strategies Are Shared / THE feature / CUToday.info - CU Today

The Coolest Credit Union News Source
www.cutoday.info www.cutoday.info
 
You must log in or register to reply here.
Back
Top Bottom