> If true, that should certainly be a privacy and security concern to any GitHub customer or user.
We left github private repo hosting when they got VC funding. Because of such a scenario where we could be competing with a company that was funded by the same VC that gave GH money.
Now in a perfect world that shouldn't be a problem because the VC should never access private user data. But well ... as you see it's not a perfect world and if a wife of an employee can browse through customer data than why shouldn't this be true for the guy who gave GH a few million dollars?
She apparently had access to employee data, not customer data. In my experience, businesses will often play a little fast-and-loose with employee data - far more so than customer data.
Though I agree it presents a bad image of GitHub's access control in general.
Not the person you replied to, but we're a large company and we're using Gitlab internally, it even hooks up to LDAP which is fantastic. We still use some private Github projects too.
We left github private repo hosting when they got VC funding. Because of such a scenario where we could be competing with a company that was funded by the same VC that gave GH money.
Now in a perfect world that shouldn't be a problem because the VC should never access private user data. But well ... as you see it's not a perfect world and if a wife of an employee can browse through customer data than why shouldn't this be true for the guy who gave GH a few million dollars?