Do better.
Each Sunday, we walk through a recent cloud or AI compromise and explain what "doing better" would have looked like. Real sources, candid commentary, and a clear note on the architecture that would have changed the story.
Three engineers, one chatbot, and a quietly cataloged source-code repository.
It is 2026 and we are still doing this. People are still pasting things into hosted AI assistants that absolutely should not be on someone else’s servers.
When a vendor’s credentials get stolen, it’s your customer list on the dark web.
Cloud data warehouses are a wonderful idea right up until you remember that one stolen contractor laptop can become a hundred breach notifications.
The SaaS is free because the AI eats well.
Every collaboration tool you love has now spent a quiet year quietly updating its terms so it can train on your work. Some of them remembered to tell you.
The cloud’s master key got stolen, and twenty-five government agencies got read.
It turns out one private signing key, accidentally exposed via a series of “that shouldn’t have happened” events, is enough to mint yourself a year of email access at the State Department.
1.1 terabytes of Slack messages, brought to you by a single login.
Twenty years of internal jokes, salary discussions, and unfortunately phrased complaints about the CEO’s wife, all available for download in convenient JSON format.
When a single ransomware attack stops the country’s pharmacy.
The 2024 healthcare clearinghouse incident took weeks to unwind, cost billions, and left independent pharmacists making payment decisions on a clipboard. None of this is what “the cloud is more reliable” was supposed to mean.
Your genome, brought to you by people who reuse their passwords.
A consumer DNA testing service let attackers walk in through 14,000 reused customer passwords, then walk out with the genetic profiles of 6.9 million people via a feature designed to help you find your cousins.
Putting the keys to your kingdom in someone else’s filing cabinet.
Identity providers are a real engineering miracle right up until the moment one of them gets breached and your security team has to spend a long weekend rotating every single thing.
Your operating system has decided to remember everything you do. We have notes.
The 2024 “take a screenshot every few seconds and feed it to a local model so you can ask your computer what you were doing last Thursday” feature was a sneak preview of a much bigger problem.
Welcome. Let’s talk about the 73 million reasons your phone bill might be on the dark web.
We’re starting a weekly column. The premise is simple: every Sunday we pick a recent compromise of cloud or AI systems, explain what actually happened in plain English, and note where Halo’s posture would have changed the story.