Centurions
Well-Known Member
I highly doubt that login sharing (officially or unofficially) was used, there was just too much money involved.This is something we may never know. It may be that City knew and unofficially condoned login sharing as such devolving blame from the users, or they know it was a user error but valued him high enough to retain him, after all once the leak was stopped his skills would be no less devalued.
More likely is that the email address (presuming that's the user name) would have been easy enough and they could have simply guessed at the password depending on how rigorous Newman was in password reuse. For instance try the name of your dog and add 1234 to the https://haveibeenpwned.com/Passwords website and be worried. Blue1234 & blue1234 are even worse.