[stareatgoats]

> "Hopefully, we had ‘only’ read access and could not write or delete anything"

Sounds a lot like feigned ignorance about the nature of the root user. Not entirely sure if it would help them in a court of law. They should probably anonymized the whole thing better to be completely on the safe side (not a lawyer though).

[dredmorbius]

That reads more like an attempt to make a light-hearted quip suggesting the exposure was limited. Say, more like: "OK, so we could directly access the database, but surely nobody would provide a full read/write administrative account publicly accessible and passwordless.... Oh."

Given a few other hints at English not being the first tongue (or possibly even the fourth, CH having four official co-equal languages) of the writer(s) in question, that could just be awkwardness from a non-native speaker. Their English is vastly superior to my German, French, Italian, or Romanche.