alt Hacker NewsIs this even a question? Obviously, the company that has publicly posted people's tax forms on the internet is very trustworthy and we should eagerly believe everything they say.
I don't think it even comes down to "lying". It's possible that they genuinely believe they didn't receive contact, but given that they are verifiably completely and totally incompetent and have no right to be employed in their current role, they've earned exactly zero benefit of doubt.
Replies
(weird to share any details about this incident to uninvolved parties via email anyway)
Exactly, it doesn't have to be about them lying. It could simply be, that they let go or lost one of their engineers and that person knew why to do what and the next one didn't, accidentally exposing stuff.
@janoelze -- that was my thought too, though less so that they wouldn't share a claim of not being notified at all with a third party, but more that those kind of things need to go through legal/comms/etc not whoever runs the security mailbox. if the person running the email box is not the CISO, surely they at least need the CISOs approval to say something beyond a thank you or followup questions? (and if they are the CISO, then they have bigger things to worry about then replying...)