Submission + - Neglecting your privacy to fix software bugs
Frequently our customers send us their databases to see if we can figure out why they're experiencing certain bugs. They never randomize the data, so I've had access to millions of credit card numbers, access to people's health records, and even access to sex offender's lists (including the victims' contact details).
What's the point in implementing software security if the database will be shared for the sake of a few bug fixes?