alt Hacker NewsThe company put out its first statement:
> “Fiverr does not proactively expose users’ private information. The content in question was shared by users in the normal course of marketplace activity to showcase work samples, under agreements and approvals between buyers and sellers. This type of content requires the buyer’s explicit consent before it can be uploaded. As always, any request to remove content is handled promptly by our team."
https://sqmagazine.co.uk/fiverr-security-flaw-private-docume...
It sounds like they are trying to claim the users involved published the links and that's why they are on Google? But how could anyone believe that multiple users intentionally published their SSN?
Re the takedown, I'm also guessing it's from Cloudinary. Maybe HTTP Referrer based?
The DMCA takedown also suggests at least one user was not aware of that file being public. This all comes down to what that "sharing" action specifically looked like.
ChatGPT recently had a similar case with the sharing feature on conversations leading to publicly indexed convos. That incident would have also matched the implied definition of sharing here.