Comment by habinero
4 days ago
Absolutely not. That's not your concern nor your problem.
They're perfectly capable of hiring incident response experts, and companies commonly have cyber insurance that'll pay for it.
"Demonstrating" is dumb and means you turn an ordinary disclosure into personal liability for you.
Blabbing about it on the internet is just the idiot cherry on the stupid cake.
If your goal is to successfully report and resolve, it is your problem.
Agree otherwise.
In the stories I’ve carefully read, no proof means being ignored by frontline people who are all you can reach,
turning an ordinary disclosure into no disclosure at all.
That's still not your concern or your problem. You're not internet Batman. Opening up yourself to criminal liability for someone else's site is insane.
Lots of good white and grey hats have used anonymity to report for this exact reason.
Whether or not you feel it’s your concern (or “problem”) depends on your thoughts on moral responsibility to others in your society.
2 replies →
Even if you were selfish: it’s your own data being leaked.
You don’t have to be Batman to want your data secure.