• Orbituary@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      2
      ·
      2 months ago

      I work in this field. Every client has law counsel. Most of my client update calls include a remediation section, forensics findings, and finally legal. Everyone not employed by the affected client are asked to leave so counsel and client can discuss threat actor negotiations and potential data exposure.

      These portions are not meant to hide info per se, but often to decide how to broach discussing PII or PHI, as well as limiting whether they’re going to pay the TA or pursue a 3rd party decryptor.

      I’ve been tempted to whistleblow on clients before because they’re awful, but I’ve learned that what sometimes feels like retribution might hurt the exposed victims and not the company.

      Anyway, it’s not super cut and dry.