I wouldn't have realized that unless I'd read far enough to see that Entity A did compromise Account B. Since the author didn't define what an attempt in this context means, I think it would be proper to assume that attempt meant the overall effort to compromise the account.
Ahhh you reckon they are being sneaky with language? So something like:
- unsuccessful login occurs
- successful login + screenshot + various nefarious actions
- (some time later)
- attacker's access locked down
Implying that they detected an unsuccessful login, but doesn't mean that they didn't prevent unauthorized access, which would make what they said technically correct but kinda useless for us users. That is something I did not originally consider, but wow ... maybe. I hope not. I mainly want answers about what is affected, and whether Auth0 was compromised.
I wouldn't have realized that unless I'd read far enough to see that Entity A did compromise Account B. Since the author didn't define what an attempt in this context means, I think it would be proper to assume that attempt meant the overall effort to compromise the account.