Insurance Journal Forums

So today IJ has this on seven cyber insurers bypassing ISO-Verisk and LexisNexus to form their own bureau.
https://www.insurancejournal.com/news/n ... 619446.htm

Also know that IJ had it's own data breach issue with not closing a security issue in Wordpress such that data that should have been behind a login was actually public. Once they did close it, they deleted the post and did not inform users. Oh OH! Isn't this not ethical IJ???

There was no data breach.

Wordpress has a feature, REST API. There is nothing exposed that is not already public (ie. articles and author names and bios). We disabled because we want to minimize bots stealing our article content.

Wordpress docs say: "If you are not a developer, the most important thing to understand about the API is that it enables the block editor and modern plugin interfaces without compromising the security or privacy of your site."
https://developer.wordpress.org/rest-api/

Also we do not store secure info in wordpress. Audience databases and such are stored separately.

Why delete the original post then Josh?
Why not come out and say there was a security issue, no data was breached, and we fixed it.
Data that was behind a login was exposed publicly right?
pssst thats a data breach

Read the wordpress explanation again "without compromising the security or privacy of your site".

People reading articles on our website is not a data breach.

If a post was deleted it's because it is misinformation.