Rabbit hole full of hardcoded credentials: Rabbitude expose Rabbit data breach
martins.irbe.devPrevious discussion on Rabbitude's original posts: https://news.ycombinator.com/from?site=rabbitu.de
Rabbit Inc.'s recent data breach exposed critical API keys and user data due to hardcoded credentials in their code. Despite awareness of the breach, key security measures were overlooked, risking user privacy and email data. This incident highlights the importance of secure coding practices and proper credential management.
Even more if one is sending out hardware-devices. It's pretty clear that the folks over there came from the Web-world and more frontend than backend and didn't follow industry-wide best practices at all.
I hope they have a good lawyer, because there will be one that sues, i'm pretty sure.