I don't believe there are no written records of the incident. What's making sure the gov is actually following the law and sends everything FOIA requires? Same for GDPR, nothing is stopping a company from sending me only some of the information
If this were a more serious incident, and there was more to investigate and lockdown, it seems much more likely that the STRATCOM info officers would wait, since a response isn't required until 20 business days. They gain absolutely nothing by responding within 12 hours with a cutesy public lie that has the risk of being unraveled by the "real" hacker.
The information is not just for the press and the public — every part of the government and the military not directly connected to STRATCOM would believe that the public explanation is correct, which is the last thing you'd want if there really were a security breach.
just logical. somebody somewhere send an email or chat message about this incident. for example the person who was in charge in twitter account could have sent a message to his manager saying “hey fyi my kid wrote sth on twitter”
> nothing is stopping a company from sending me only some of the information
If their database later leaks and shows that they had more info, they're in a world of hurt. The DPA will already be looking for an excuse to punish them (having a breach isn't punishable in itself), so they'll nail them to the wall for this.
