[ngneer]

That confused me, too. They appear to know the person who accidentally discovered the issue, not the hacker.

[netsharc]

Developer tries to tell a story...

Sounds like OP interviewed the person who uploaded the code, whose system was previously inflitrated (it can still be the NSA). So why say "If the guy who did it wants to come forward, that is his decision. But he did provide me the full story", it doesn't sound like OP interviewed the "guy who did it"...

[AnimalMuppet]

I read that the other way. "If the guy who did it wants to come forward, that is his decision. But he [still talking about the guy who did it] did provide me the full story."

That is, the perpetrator gave him the full story, but he won't name names, because it's the perpetrator's choice whether or not to reveal his identity.

[netsharc]

OK, makes sense.. so the interviewed hacker mentioned that he got the code in by infiltrating the computer of "some developer"...

[grugq]

he was more specific, but I (a) don't remember the name off the top of my head, and (b) don't think it is beneficial to put them on blast. It isn't their fault they got hacked 20 years ago.

[stavros]

So it is the developer, not the perpetrator?

[jstanley]

How do they know it wasn't the NSA then?

[_notreallyme_]

The guy who did it was quite vocal about it in some circles. It was a "for the lulz" kind of hack...