Why is AI needed to weed out "garbage flights"?

Here is the message of the hacker, after the matrix.org admins allegedly cleaned everything up and wrote the original blog post: https://web.archive.org/web/20190412055614/https://matrix.or...

it was not, read again

But it does seem to be the case that the same SSH key pair that was used to access Jenkins also provided access to the production infrastructure. Unless I'm misunderstanding the nature of the attack.

It seems the issue was developers using SSH agent forwarding which was abused to access the production environment.

You just leaked your customers email addresses by improperly obfuscating them.

See https://web.archive.org/web/20190409072021im_/https://blog.c... With knowledge of the font used (which is very easy to figure out as its the Stripe dashboard) everyone can reconstruct these email addresses.

You should now notify these customers as well as your supervisory authority.

Thanks for bringing this to my attention. I will have my legal help check it and take the appropriate steps.