When these types of things happen, I notice a strong "blame the victim" mentality. When Sony was hacked, I saw similar comments about how it serves them right for having bad security. Some people even go as far as to praise the hacker and think they shouldn’t be held accountable for their crime. After all, if Uber didn’t want this, they wouldn’t have made themselves so vulnerable to penetration.<p>While I agree companies like Uber and Sony need to invest more time and energy into security, real people are hurt when these types of things happen. It isn’t the executive-level “fat cats” who are hurt the most. It is normal, everyday people. They did not ask for their personal information to be stolen. Their only crime was working for a company with poor information security.<p>Furthermore, the fact Uber issued a subpoena for information from Github does not make Uber the bad guy for requesting the information and Github the good guy for withholding the information. A crime was committed and this is part of the investigation. The information requested by Uber is not unreasonable. They are basically requesting log files for that specific Gist.<p>Channeling my inner Matthew McConaughey from A Time to Kill, imagine this happening to an organization that is more likeable than Uber or Sony (shouldn’t be that hard). What if this happened to an organization responsible for helping rape victims and this person leaked the private information of rape victims to the Internet? Would people be so willing to support the criminal? Would people be so eager to praise Github for not cooperating?<p>Just because Uber is a horrible, unethical company does not mean it isn’t protected under the law. We shouldn’t condone crime just because we don’t like the victims.