Seems to me it took a lot more than just opening up a chat session. The attacker needed to know enough about the infrastructure to guide the attack. I suspect either an inside job, or at-least some other inside connection, perhaps the part we know about was only part of the social engineering.
I've always been shocked at how easy it is defeat security with a few words.
To the hotel clerk at the front desk around 2 in the morning: "I left my room key in my room, Can you make me a key for Room number ####?"
I stood ready to produce my photo id, or at-least give the name on the room... neither was asked for .
I've always been shocked at how easy it is defeat security with a few words.
To the hotel clerk at the front desk around 2 in the morning: "I left my room key in my room, Can you make me a key for Room number ####?"
I stood ready to produce my photo id, or at-least give the name on the room... neither was asked for .