WP Engine passed the buck to an unnamed “cloud infrastructure provider” for their big security breach that sparked resetting all accounts on their system.
To me, this is still not enough information. Also, I would want to know when they discovered about the breach versus when they acted on it. They shared it just a couple of days after WordCamp US.
