Comment by svrtknst

3 days ago

If you flip it, we have a dude here admitting to breaching a large number of accounts and gaining access to PII -- including PII about minors.

Are we and the Maltese government just going to trust this guy and assume he has actually deleted everything, with no investigation?

6 comments

svrtknst

Reply
LtWorf  2 days ago

If his goal was to keep the data he wouldn't have reported it?

  • svrtknst  2 days ago

    That doesnt necessarily track. He could have stolen the data, then reported it to clear his own name. He did access more data than he needed to prove that there is a likely breach.

DANmode  2 days ago

How will you ensure the other people who were exploiting the hole have deleted their copies?

What a weird way to think about this.

  • svrtknst  2 days ago

    Is it? if 10 people may have committed a crime, should we exonerate 1 of them because he reported it and promises he didnt do anything?

    • DANmode  2 days ago

      That depends on provable intent,

      and your societal goals for ensuring the next exploit is reported, not ignored or shared online.