[gilbertbw]

> The code and the data around it also included a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors

There isn't an explanation as to why customer, lead and vendor data is stored in GitHub? Or (less likely?) they allowed GitHub OAuth to log into other Dropbox internal services?

[jsty]

My guess - issues tied to requested features from current & prospective customers, and bugs associated with specific vendors - all of which could plausibly lead to a bunch of (name, email) data points stored on GitHub

[dannyw]

Probably an internal prototype that incorrectly stored PII in the repo (as a CSV, .sql, etc)

[aliqot]

That's the real story here.

[blowski]

Not really. Someone’s suggested a possible reason for something that was unclear in the original article. That’s hardly a story.

[aliqot]

It's a full story.