|
|
|
|
|
|
by skim_milk
1152 days ago
|
|
|
The "security hole" was anyone could use search inurl:example.com/documents and get five pages of results with SSNs, credit card numbers, etc. plus the reputational damage of leads doing any amount of research into the company and seeing confidential documents on page 2 or 3 by literally just searching the company name. The startup was big enough that the data&reputational risk was easily 7 figures/yr |
|
|