Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The post says they don't have evidence of anyone using the api that leaked all that personal info - let's not ignore that: name, picture, birthdate, email was just open to the world for a friend lookup! Second, they don't clarify if this is "evidence of absence" of a leak. Do they not monitor that api call but they don't have any reason to expect a problem? Or is it that they monitor it and no one used it in the "bad way"? I'm afraid it must be the first - if they had evidence no one ever use the api, they'd be explicit about it.


They mentioned the reason they weren't able to know was because they only kept the logs for a short amount of time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: