The Apperta Foundation had public code on GitHub stuffed full of secrets.
A week later I hear from Apperta's lawyers.
We require your immediate undertaking by 5pm today, Monday 8 March 2021. That you have destroyed or will immediately deliver up, all of our client’s confidential business information in your possession whatsoever. Your confirmation that you have not, and will not, publish the data you unlawfully extracted. Your confirmation that you have not shared the extracted data.
Don't shoot the messenger.
On or around October 30th 2019 your client published two repositories of code on the public code sharing website Github. These materials were freely available for anyone to view clone fork or download from that date.
Thank you for making me aware that your client considers the data that they purposefully published on Github in 2019 as private and confidential business information. I trust that they will be notifying the ICO of the data breach.
An unacceptable undertalking.
Since we wrote earlier today, it has now come to our attention that you have boasted of your unlawful extraction and also today threatened to unlawfully access our client’s systems and data again.
Found a public repo with API keys, usernames, passwords, and a database dump.
Our client has a real belief that you pose an imminent further threat and that you now retain its confidential business information and data. You have failed to provide the undertaking requested. Please advise how we may serve your solicitor. If you are representing yourself, kindly confirm.
Public repos with secret info
Emails between lawyers
Costs & Legal fees
Confirmations / undertakings offered
High Court forms
Go Fund Me Donations (after fees)
Confirmation / undertaking accepted
weeks off sick from stress
Pages in court bundle