Not as much as if it contained passwords, for sure. Bu it gives a nice mailing list for phishing and so on.
CrowdStrike report of the incident: https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
By the messages that they are sending to customers, looks like is related to recent updates to the services, but nothing clear.
Sad, but some of us make a living out of this. But still sad (and true).
Of course if that was not the case we could employ our sorry minds to something more constructive.
Normally web filters categorize IPFS gateways as p2p, and most organizations block this category.
From the text:
Now, attackers breach a user's mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim's number to another device on their own. They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.
No need for social engineering.
The shoemaker's son always goes barefoot.
I like to use the 2013 Target breach case. They lost $1 billion due to the attack, their stocks dropped significantly after the attack, had several lawsuits, they closed a few stores, and changed the CEO and CIO. But a few months later, all was forgiven, their stocks recovered, and life went on.
Don't get me wrong, the risks of a cyber attack have to be taken seriously. But I feel that I have overestimated the impacts of reputational damage my whole life, as an infosec professional. My thinking was always like this: if you get reputational damage, you are done, no chance to recover, it is the end of it.
I'm following the Crowdstrike case, but I would bet that they will lose some market share (mostly prospects), perhaps some layoffs, but stocks will come up eventually.