Engineer reports data leak to Apperta, hears from the police

Ax Sharma reports another troubling instance of “Shoot the Messenger:” threatening or blaming those who responsibly disclose leaks that they discover. This episode appears to be brought to us via Apperta Foundation. Earlier this month, Dyke had discovered an exposed GitHub repository exposing passwords, API keys, and sensitive financial records which belonged to Apperta Foundation. On discovering this GitHub repository which, the engineer says, was public since at least 2019, the engineer privately reported it to Apperta, and got thanked by them. On March 9th, however, he received legal correspondence from Apperta’s lawyers, leading him to hire his own solicitors to represent him. Furthermore, an email followed yesterday from a Northumbria Police cyber investigator in relation to a report of “Computer Misuse.” Read more on BleepingComputer.DataBreaches.netRead More