

This situation would have been easily preventable with basic understanding of what they’re doing is what OP is saying. This leak is not something highly complex, it is painfully stupid on the side of the developers.
There’s a difference between a hack, where data is exposed, compared to data exposure due to negligence or ignorance on the development side.
Where I’m from there’s certificates a company can get, that confirm a certain level of process and IT security. Also a company existing for at least 5-10 years without incidents is a “vetted” company in my books. At least anything that managed to produce a working IT system before 2021 when AI came around.
I also believe there’s a bit of bad wording going on with the original comment. Take it up with that guy, lol.