I wonder why their legal department would PREVENT them from saving their users.
What legal reason would exist for that? I thought legal would instead force them to save their users, since otherwise they would risk getting sued by all of them by all the damages caused or something.
> a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.
I'm sure their lawyers don't know anything about tech or forensics, but they know how buy shareholders time in a way that minimizes anyone's chances of going to prison or facing serious civil liability. If you ask someone in charge of hiring corporate counsel what they look for in a lawyer, they will flat out tell you "a good risk manager who understands discretion" which just means "someone who's going to tell us what we can get away with".
The regulatory system in the US is sufficiently dysfunctional that there is zero incentive for corporate counsel to even consider what's in the best interest of consumers.
> I wonder why their legal department would PREVENT them from saving their users.
Good legal departments understand that the company is there to serve the users and make them happy and operate within those constraints (even trading off possibly liability when it makes the products sell better).
Horrible legal departments will block anything that has even a smell of liability, even when it comes to sabotaging the product itself and hiding serious issues from users and employees.
What legal reason would exist for that? I thought legal would instead force them to save their users, since otherwise they would risk getting sued by all of them by all the damages caused or something.