![](https://fedia.io/media/22/63/22635e2e50db15a81575eb0648537c3b01d1f168de572a581c863250459479c9.png)
![](https://sh.itjust.works/pictrs/image/c38fd5ff-821e-45c9-b2ee-957d0321d2e2.webp)
Especially with such careless failures. If some employee was tricked through a well-planned social engineering attack, or they used some mega obscure day0 vulnerability, I’d not be happy, but shit happens, I guess. But not sending my phone number when someone just posts some GET command to an API should be a no-brainer…
That’s precisely the kind of competition they will not beat me in. I can descend into depths most people didn’t even know were reachable by the gutter.