I can't imagine they'd spam every account with an email address, though an email to organization owners would make more sense.
reply> I can't imagine they'd spam every account with an email address
replyIt's not "spam" if it is relevant to me, such as security incident disclosures.
Also, as tiffanyh pointed out, what's wrong with Github blog or is that exclusively for marketing fluff now? That would've been appropriate enough, without having to spend Sendgrid credits.
Mailing every (potentially) affected entity is common and good practice for major incidents.
replyIsn't it the first stop for the USG at this point? I mean, I wish the world were a different place but here we are.
reply