[EE84M3i]

Acquired in 2022? IMO that's enough time to bring their service up to the same security standard as the rest of their services, assuming it's a priority.

Google and others normally have a 6 month grace period for bug bounty reports in acquisitions.

[dheera]

> that's enough time to bring their service up to the same security standard

If you can get competent people to work for you while keeping Wall Street happy, sure, but there are much "cooler" companies across the street that Wall Street is more excited about, are hiring right now, and the competent folk are going there.

At the end of this extreme is Equifax-like companies that have leaks and lots of other issues. Before you ask why Equifax sucks so much, ask yourself: Would you work there? No? That's why they continue to suck.

While Dropbox isn't Equifax, it isn't OpenAI or NVIDIA right now.

[Fatnino]

I worked at equifax.

Just sort of ended up there when the fun startup I was at got acquired by them. I soon burnt out and checked out mentally and eventually they noticed and we parted ways.

I just wish I had had the wisdom to get myself out before I burnt out. Looking back, it was a slowly boil the frog type of situation.

[MichaelZuo]

Yeah after nearly 2 years it probably isn't a credible excuse in any way.