Meta fined $102 million for storing passwords in plain text

r/webdev

u/NebraskaCoder wrote (the comment Michael replied to):

I wish the article would have been more clear on that. I could have made different points.

u/michaelnovati replied:

Yeah, like it's a great learning opportunity if they would have explained it more haha. The engineers working on authentication might have done a perfect job and not even known because the engineers on logging made a mistake. Ultimately it was also the fault of another team that audits everything for data integrity and tries to prevent leaks horizontally. And that team has multiple sub-teams: one that builds frameworks that others use that prevent leaks baked in, another that tries to find leaks proactively in the code, and another that tries to educate engineers on good practices. A lot goes into all this and the press goes for the clicks haha. Facebook screwed up but it's not simple incompetence.