On November 15th BIPS was the target of a massive DDoS attack,
All good so far, it happens to everyone.
which is now believed to have been the initial preparation for a subsequent attack on November 17th that overloaded our managed switches and disconnected the iSCSI connection to the SAN on BIPS servers.
huh, what ? who is the idiot that setup this network ?
Regrettably, despite several layers of protection, the attack caused vulnerability to the system, which has then enabled the attacker/s to gain access and compromise several wallets.
Wait wait wait. There is some huge step missing there, what are you omitting ? How do go you from DDoS, to network failure, to XXX, to access breach ?
Please don't get into the same territory as TF.
Agree. I do woodworking now but I used to be in IT. I sent this to a buddy of mine who ran pen testing for a large security corporation...I'll let you guys know what he says.