Companies suffering security breaches or being alerted of vulnerabilities are nothing new, and to be honest, their responses are usually dismal. So much so that when I started poking around for names of businesses that have handled issues well, the name that kept coming up was Buffer--even though that happened all the way back in 2013. (That's got to be about a decade in tech years.)
Still, there are a few companies from 2015 and 2014 that stood out.
There's Tesla, which quickly patched vulnerabilities found in its Model S and then sent its CTO, JB Straubel, to the Def Con hacking convention, where he personally thanked the security researchers who uncovered the vulns, presented them with challenge coins, and encouraged more security research.
There's
And then there's Freedom of the Press Foundation, a tiny non-profit that packs a mean punch, which runs the open-source whistleblower submission system SecureDrop. When a security vulnerability was reported on an email list, it was fixed within 24 hours, had a security audit completed shortly thereafter, and implemented a bug bounty program.
I know there are other businesses and non-profits like these out there, and I need your help. If you can think of an organization that's responded phenomenally after being made aware of a security vulnerability or suffering a hack or breach, please send me an email with the details. Send those to yael@yaelwrites.com, and let me know whether you'd want your name included if I do use your suggestion.
