Booking.com ignores twofactor, lets everyone email-login without a password https://news.ycombinator.com/item?id=40720674 #ycombinator
Is this the same Booking.com that just allocates a bug budget of millions yearly and pays out for mistakes because it's cheaper than abandoning their move-fast-and-break-things style?