How many times have I blogged about “Don’t Shoot the Messenger” — the inappropriate response of some entities when notified that they have a leak or data breach?
Here’s a current example, as noted by Graham Cluley. It all started routinely enough:
Platform engineer and open source enthusiast Rob Dyke says that he’s found himself in a sticky pickle.
You see, in late February he discovered two public repositories on Github which contained code for an application, API keys, usernames and passwords, and a database dump. Anyone in the world could access the sensitive information.
Read more on GrahamCluley.com.
Note that Dyke has not (yet) named the entity whose response has both required Dyke to seek legal counsel and caused him significant distress — all for trying to do the right thing. I hope Dyke does name them so they can get the negative press and derision they so richly deserve.