The disclosure post was published today, June 20. The intrusion was "detected" on June 12. But nowhere does it say WHEN the intrusion began. And the company probably doesn't even know that yet.

"Preliminary findings indicate that the unauthorized party used social engineering tactics to gain access to our network."

"Potentially impacted files contain claims information, health information, social security numbers, and/or other personal information, related to customers, beneficiaries, employees, agents, and other individuals in our U.S. business."

The Record: Aflac says it stopped attack launched by ‘sophisticated cybercrime group’ https://therecord.media/aflac-cyberattack-potential-data-breach @therecord_media @jgreig #cybersecurity #Infoec #Google

Posted today, Aflac Incorporated Discloses Cybersecurity Incident https://www.prnewswire.com/news-releases/aflac-incorporated-discloses-cybersecurity-incident-302487036.html?tc=eml_cleartime

If I make tabletop exercise scenarios should I just make a public repo for all to enjoy, or is there somewhere that can get more reach? I just wanna make something cool

#InfoSec #CyberSecurity #NotDnD

This dumb password rule is from Boligøen (Danish resident renting bureau).

Red text: "Your password has to be at least 6 characters, but NOT over 20 characters."

https://dumbpasswordrules.com/sites/boligoen-danish-resident-renting-bureau/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Blackrock.

They force you to enter a password that has 8, 9, or 10 characters, then
they lecture you on how to create a strong password.

https://dumbpasswordrules.com/sites/blackrock/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Suncorp.

To "improve security" and "be password savvy", passwords must:
- be six to eight characters long
- Contain both numbers and letters
- Include upper and lowercase letters

https://dumbpasswordrules.com/sites/suncorp/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Onleihe.

Password is your birthday in format ddmmyyyy. Users are not allowed to change their passwords

https://dumbpasswordrules.com/sites/onleihe/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from California Department of Motor Vehicles.

They also prohibit pasting into the password field by using a JavaScript
`alert()` whenever you right-click or press the `Ctrl` button, so
you can't use a password manager.

https://dumbpasswordrules.com/sites/california-department-of-motor-vehicles/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Mycanal.

- Minimum of 8 characters
- Contain at least 1 uppercase character or 1 number
- Can not contain these characters : ‹ › ' "

https://dumbpasswordrules.com/sites/mycanal/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Wageworks.

In addition to the following rules regarding passwords...
- 8-20 characters in length
- Include at least 4 of the following: lowercase letter, uppercase letter, number AND symbol
- Not include your last name, first name or space

Your new password should be different from your previous twenty pas...

https://dumbpasswordrules.com/sites/wageworks/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Dell.

Okay at least 6, that's alright I guess.

Oh at least one number and one letter, bit dumb but hey not that dumb.

But hiding the fact that it has a max of 20, now THAT is dumb!

https://dumbpasswordrules.com/sites/dell/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Netflix.

[The help page](https://help.netflix.com/de/node/54078)
and the [password reset page](https://www.netflix.com/password) say:

Ihr Passwort muss zwischen 4 und 60 Zeichen lang sein und darf keine Tilde (~) enthalten.

https://dumbpasswordrules.com/sites/netflix/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

🆕 blog! “Your Password Algorithm Sucks”

There are two sorts of people in the world; those who know they are stupid and those who think they are clever.

Stupid people use a password manager. They know they can't remember a hundred different passwords and so outsource the thinking to something reasonably secure. I'm a stupid person and am very happy to have BitWarden…

👀 Read more: https://shkspr.mobi/blog/2025/06/your-password-algorithm-sucks/
⸻
#CyberSecurity #passwords #security

This dumb password rule is from Ameli.fr (French national health insurance).

This was very painful to find a password that works with this one and that I can actually remember (I ended-up using my bank-account number because everything else failed). It took me maybe one hour and I thought I would become crazy (and yes, the session expires frequently while you are actually...

https://dumbpasswordrules.com/sites/ameli-fr-french-national-health-insurance/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Chase Bank.

* Can't use any special characters except ! # $ % + / = @ ~
* Max length restriction (32 characters).
* No runs of identical characters ("aaa") or sequential characters ("abc").
* Password check is case-insensitive

https://dumbpasswordrules.com/sites/chase-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from El Corte Ingles.

Min 6 and max 8 characters for password! Can't contain anything
different than letters and numbers. Apart, the email address must have
at least 8 characters (sorry million dollar domain owners! :D)

https://dumbpasswordrules.com/sites/el-corte-ingles/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from University of California San Diego.

Passwords must be between 8 and **11** characters long!

https://dumbpasswordrules.com/sites/university-of-california-san-diego/

#password #passwords #infosec #cybersecurity #dumbpasswordrules