Primary Domain

Risk AND Accountability

Risk AND Accountability intelligence groups reporting by primary domain so readers can follow a focused area of internet infrastructure, governance, connectivity markets, or digital capital. The page brings together related articles, public evidence, institutions, companies, people, regional exposure, operating dependencies, and market context that may otherwise sit across separate category pages. It explains the domain, the likely actor class, the market or governance context, and the source material readers should use when comparing signals. Operators, analysts, and governance readers can see how the same domain appears across events, profiles, market shifts, public-source evidence, regional dependencies, and longer-cycle infrastructure decisions over time.

Editorial risk and accountability image for Equifax, Inc.

Institutional

Equifax and the 76-day patch window: from Struts advisory to board accountability

The 2017 Equifax breach was not the result of a missing warning. It was the result of a critical warning moving through an organization without reliable ownership, asset knowledge, verification, detection, segmentation, or executive evidence that the risk had actually been…

Jul 10, 2026
Editorial risk and accountability image for Capital One Financial Corporation

North America cloud service

Capital One's metadata breach: when cloud configuration became a liability chain

The 2019 Capital One breach did not show that public cloud is inherently unsafe, or that a customer can outsource accountability to its cloud provider. It showed how a web-facing configuration error, a metadata credential path, broad storage permissions, weak alert resolution…

Jul 10, 2026
Editorial risk and accountability image for Meta

Cloud Service

Meta's six-hour disappearance: control-plane coupling, DNS reachability, and accountability

The October 2021 outage did more than take Facebook, WhatsApp, and Instagram offline. It showed how a routine command could cross the boundary between maintenance and global communications, how an apparently sensible DNS health rule could amplify a backbone failure, and how…

Jul 10, 2026
Editorial risk and accountability image for Fastly, Inc.

Cloud Service

Fastly's latent bug and the accountability of a concentrated CDN edge

Fastly restored most of its network within 49 minutes on June 8, 2021, but the outage exposed a larger accountability problem: a geographically distributed edge can still have one software fate, while customers that buy reach, speed, and physical redundancy from a CDN may…

Jul 10, 2026
Editorial risk and accountability image for Cloudflare, Inc.

Cloud Service

Cloudflare, the June 2019 route leak, and accountability beyond the network edge

For a little more than two hours, routes intended to improve traffic inside one regional network escaped into the global routing system and pulled part of Cloudflare's anycast traffic toward links that could not carry it. The incident shows why network resilience cannot stop at…

Jul 10, 2026
Editorial risk and accountability image for Rogers Communications

Global national telecom

The routing change that silenced a national network: Rogers and the duty to preserve continuity

Rogers Communications' July 2022 outage began with a core-network change and spread far beyond phone and internet service. Emergency calls failed, public alerts did not reach some users, municipal operations lost connectivity, and a national payment system became unavailable. The…

Jul 10, 2026
Editorial risk and accountability image for Telstra

Global national telecom

Telstra's national outage made network time a public accountability issue

When Telstra's mobile network lost reliable time on 8 July 2026, the damage travelled far beyond handsets: emergency calls failed, regional trains stopped, payment terminals disconnected, and public agencies had to trace callers who might still need help. Restoration matters, but…

Jul 10, 2026
Editorial risk and accountability image for OVH SAS

Datacenter

The OVHcloud fire showed that data locality is not disaster separation

The March 2021 fire at OVHcloud's Strasbourg campus turned a physical incident into permanent data loss and a Europe-wide service shock. Its lasting accountability lesson is not that cloud customers should simply have bought "a backup," but that providers and customers must…

Jul 10, 2026
Editorial risk and accountability image for A.P. MOLLER - MAERSK A/S

Institutional

The day global shipping lost its digital memory: Maersk, NotPetya and operational accountability

NotPetya did not take control of Maersk's vessels on June 27, 2017. It did something more revealing: it erased access to the shared digital context that allowed a global shipping network to accept bookings, identify cargo, open terminal gates, coordinate equipment and tell…

Jul 10, 2026
Editorial risk and accountability image for Amazon Web Services

Cloud Service

The region customers can leave but not always escape: AWS US-East-1 and the price of resilience

AWS lets a customer place applications in several zones, several regions, or even several clouds. Yet some of the controls needed to identify an incident, add capacity, change routing, obtain credentials, open a support case, or complete a failover can still converge on one…

Jul 10, 2026
Editorial risk and accountability image for GitHub, Inc.

Cloud Service

The morning GitHub's correct security response looked exactly like an attack

When GitHub replaced an exposed RSA SSH host key in March 2023, the company removed a credible impersonation risk and simultaneously triggered the warning designed to stop customers from trusting an impersonator. The episode was not a disclosed compromise of customer…

Jul 10, 2026
Editorial risk and accountability image for 23ANDME

Institutional

23andMe and the credential-stuffing breach that turned relatives into exposure surface

The central fact of the 2023 23andMe incident is not that some customers reused passwords. It is that one successful login could reveal information about many genetic relatives who did not reuse that password, did not control the accessed account and could not see the session…

Jul 10, 2026
Editorial risk and accountability image for Snowflake

Cloud Service

Snowflake's credential-theft campaign and the limits of shared responsibility

The 2024 Snowflake campaign did not require a demonstrated break in Snowflake's production platform. Attackers used customer credentials, entered customer instances through supported interfaces, and issued ordinary data commands with extraordinary consequences. That distinction…

Jul 10, 2026
Editorial risk and accountability image for MGM Resorts International Operations, Inc.

Institutional

MGM Resorts: when a digital identity failure reached the hotel floor

The 2023 MGM Resorts incident exposed a physical-service paradox. A compromise reported as beginning with identity and support-channel abuse did not remain an IT problem: it surfaced as room-key friction, reservation outages, interrupted payments, manual casino payouts, long…

Jul 10, 2026
Editorial risk and accountability image for Marriott International, Inc.

Institutional

Marriott and Starwood: the reservation database Marriott bought, and the security truth it inherited

The Starwood reservation database did not become Marriott's responsibility only when Marriott disclosed the breach in 2018. It became an operational fact of the combined company when the acquisition closed in 2016: a legacy system still serving hotels, holding global travel and…

Jul 10, 2026
Editorial risk and accountability image for Uber Technologies

Cloud Service

Uber and the breach response that turned a security incident into a governance case

Uber's 2016 breach began with stolen repository credentials and an exposed cloud access key. The enduring accountability case began after the security team understood what had happened. Technical containment moved quickly; institutional disclosure did not. A $100,000 payment was…

Jul 10, 2026
Editorial risk and accountability image for Twitter Inc.

Cloud Service

The console behind the public conversation: Twitter's 2020 takeover and the authority to speak

Twitter's July 2020 account takeover was publicly remembered as a $118,000 Bitcoin scam. That number is accurate but badly scaled to the risk. A small group reached an internal recovery surface that could change who controlled prominent accounts, expose private information, and…

Jul 10, 2026
Editorial risk and accountability image for ATLASSIAN PTY LTD

Cloud Service

Atlassian Confluence and the patch-time asymmetry: who carries the risk after a fix ships?

Atlassian moved from a private report of an actively exploited Confluence zero-day to a public advisory and fixed releases in days. Customers still had to find every instance, interrupt service, upgrade safely, preserve evidence, investigate possible compromise, and decide when…

Jul 10, 2026
Editorial risk and accountability image for Hydro-12345 NORSK HYDRO ASA

Institutional

Norsk Hydro: manual recovery became part of the control record

Norsk Hydro's response to the 2019 LockerGoga ransomware attack is often remembered as a success story about people returning to pen and paper. The more useful reading is stricter. Manual production, public capacity updates, a refusal to pay, backup-led rebuilding and later…

Jul 10, 2026