Fiverr denies leak of sensitive documents(xcancel.com)
6 pointsby shepherdjerred5 hours ago3 comments
  • eviks20 minutes ago
    > Fiverr does not proactively expose users' private information.

    Yes, just "did" and "actively"

  • shepherdjerred5 hours ago
    I was curious what happened after the incident yesterday (https://news.ycombinator.com/item?id=47769796)

    > To be clear, this is not a cyber incident. Fiverr does not proactively expose users' private information. The content in question was shared by users in the normal course of marketplace activity to showcase work samples, under agreements and approvals between buyers and sellers. This type of content requires the buyer's consent before it can be uploaded. As always, any request to remove content is handled promptly by our team.

    This is... not a great response

    • altairprimean hour ago
      In legal terms, it’s interpretable as “don’t fault us for user-generated content”. While that may technically be correct, to host their UGC upload directory on an indexable share is — voluntary or involuntary — either cloud incompetence or cloud negligence. The work samples between a buyer and a seller should never have been made default-public through any process controlled by Fiverr, but certainly I’ll concede it’s both simpler and cheaper to do it through no-auth links and then externalize liability onto their customers.
  • SunshineTheCat4 hours ago
    > Fiverr does not proactively expose users' private information.

    This is such a weird thing to say, has any company ever "proactively exposed users' private information"?

    Isn't that kinda taken for granted that most data breaches, leaks, bugs weren't meant to happen?