[mikl]

> I took action as the primary on-call engineer to lock down the AWS account and prevent any actions by possible attackers.

So he suspected an attack, but did not contact his employer about it or other team members. No action taken to mitigate the attack or to identify what was going on. Just changed the AWS root account password and nothing else.

Even assuming the very best intentions, I don’t think it unreasonable that Ruby Central found that a little bit suspicious.

[anon84873628]

This is the part that strains my belief as well. If you're really the concerned responsible professional working for the greater good of the community, then pick up the (metaphorical) phone ASAP and sort it out, regardless of how pissed off and insulted you are by the boss's incompetence.