Re: @Marketing Hack
By published reports, the OPM penetration was an inside job, in that it began with use of the credentials from the non-government system of an authorized contractor employed user. That is not an indication that OPM was secure; the fact they were not using two factor authentication for all access is a black mark against them. It does, however, indicate that security is hard and requires attention to an awful lot of detail, and people, especially in large networks like that of OPM.
The Democratic Party server penetration, on the other hand, appears to have been a straight external exploitation of some combination of built-in and administrator allowed vulnerabilities.
Biting the hand that feeds IT
