[CommitSyn]

These comments are doom and gloom from people who have read articles but haven't been there. I've reported over a dozen medium size leaks and not once has the company tried to come after me. They haven't all fixed them, and for those I haven't pushed, but most of the time they're grateful. If you're worried, contact Troy Hunt and have him be an intermediary for you, as others have suggested.

[koo6]

These comments are doom and gloom from people who have read articles but haven't been there. I've crossed the local railway tracks, blindfolded and earmuffed, for over a dozen times, and not once has a train hit me. If you're worried, contact a random australian dude working for one of the biggest cybersecurity threats on the planet, who also seems to pass time by counting cars that pass over a nearby bridge, and have him be an intermediary for you, as others have suggested. It will be great!

[CommitSyn]

Have you ever disclosed a vulnerability? Ever had one to disclose?

[koo6]

no

[g48ywsJk6w48]

Unfortunately, he did not answer for a week. Started thinking data leak is not a super interesting topic for professionals. It happened every week, so my discovery is just another data leak.

[mariuolo]

At best you get a pat on your back, at worst you go to jail: why should anyone take the chance?

[CommitSyn]

For the same reason you should stand up to the police when you know your rights, because if you don't, what's the outcome then?