Catalin Cimpanu reports:
North Yorkshire Police said today they’re not pursuing a criminal case against the researcher who found a vulnerability in a mobile app developed by the York city council.
City officials had reported the researcher to police earlier this month, but North Yorkshire Police said “the researcher has acted correctly.”
Read more on ZDNet.
Hallelujah that law enforcement recognized that disclosing a breach or vulnerability does not make a researcher a criminal, even if the entity is embarassed at having their vulnerabilities or failure to take prompt action made public.