Xfinity/Citrix Data Breach

I guess the new standard for companies handling their data breaches is to tell you it happened, telling you what bullshit measures they are doing to not-really rectify the situation, pushing the burden onto you to mitigate the damage of their fuckup, and not apologizing for the fuckup at all.

I’m no data security expert, but it seems to me that the birthdays, SSN digits, and secret questions/answers could have been hashed, and that would have significantly mitigated the potential impact of the breach.