• OsrsNeedsF2P@lemmy.ml
    link
    fedilink
    English
    arrow-up
    14
    ·
    2 months ago

    I know someone who works in software security at Plaid. I can’t give too many details because there’s only like 20 of them - but no, you REALLY should not trust Plaid. (Allegedly) phones intercepting 2FA in their server rooms, (allegedly) bank connection issues that have led to people getting access to the wrong accounts, (allegedly) using browser bots to handle login on the backend for banks without API access, (allegedly) customer info leaks that weren’t reported… Now that I think if it, I should tell my friend about the whistleblower programs

    • Echo Dot@feddit.uk
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      I don’t know how it works in the US but under European law if he knows about these things and isn’t reporting them he’s liable if and when it all comes to light.

      If you know that the company you work for is committing crimes, and you do not report it, you are as liable as the company.