I don't quite understand how they are gaining the access credentials required? Where I work, it takes days to onboard people, through standard processes. Whats happening in this case.
Given the highly volatile, and legally gray, situation; I'd expect the front line people who usually grant access are at least flagging these requests to their boss, who flags to their boss etc. Is everyone up the chain just giving a shrug and saying "seems legit, give them the access".
Of course people don't want to loose their jobs, but I would have expected someone in a senior leadership position to take a stand in preventing this (unless their all on board?)
Given the highly volatile, and legally gray, situation; I'd expect the front line people who usually grant access are at least flagging these requests to their boss, who flags to their boss etc. Is everyone up the chain just giving a shrug and saying "seems legit, give them the access".
Of course people don't want to loose their jobs, but I would have expected someone in a senior leadership position to take a stand in preventing this (unless their all on board?)