No, that doesn't make sense at all.
https://twitter.com/ppentestlabs/status/1202906268991664128 …
Hmm, an attacker has dumped their entire user database, so now they call support and say "I'm user xyz and my password is abc, can you do...?", I'm not sure what there's left to gain?
-
-
Ah, they had a breach? Didn't see that. But anyways: don't store passwords in plain text, it makes no sense to do so. :)
-
They didn't have a breach...he's outlining a theoretical situation in which social engineering wouldn't be much help to an attacker that already has access to everything they would want (e.g. anything customer support could access).
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.