
Capital One found it’s breach only by a member of the public emailing a tip - benryon
https://www.businessinsider.com/capital-one-hack-data-breach-email-tip-off-2019-7
======
londons_explore
I would guess most breaches of this nature go entirely undetected forever.

How many companies actually go through the audit logs without a reason to do
so?

The vast majority of systems are designed to keep the bad guys out, rather
than raise alarms when the bad guys have already stolen the crown jewels. If
you want that, check out [1].

[1]: [https://www.serverthiefbait.com/](https://www.serverthiefbait.com/)

------
gumboshoes
Typo in headline: it's > its.

