Post by Kevin-> It's more likely the owner has not cared about security
-> for many years and as a result the sites got hacked by
-> bots. Let's hope the Swedish data protection agency has
-> mercy on him, or rather not.
It's not always the fault of the site that has the PHP
script (even though PHP Board software is pretty
leaky), one of my sites got taken down because another
user on the cluster had an insecure script on their
account. This was also compounded my my ex- webhost
having pretty shitty security.
From what I understand some actor got root access, so I
would put that in the hands of their webhost EIG -
https://en.wikipedia.org/wiki/Endurance_International_Group
-Kevin
Lemon can't talk his way out of what he behaved himself
into.
The blame game doesn't work, since the webhost is in no
way responsible for the PII gathetered and processed by
lemon, nor the protection thereof. Lemon knows that
there are more secure solutions available to store and
process PII. Yet, he chose not to move to more secure
solutions. But, seriously, using a shared webhosting
service to store PII does not favour Lemon and would even
even argue that he is at fault. The GDPR is very clear
about the measures one should take for the protection
of PII.
I'm sure that lemon is taking care of all this together
with the Swedish data protection agency, external
security auditors and his laywers.