> So the fact that they're sending out this E-Mail tells us that they either don't keep logs on requests + POST contents, or that they haven't had the time or inclination to analyze this data if they have it.
No.
Github is primarily a B2B company. They're not making their big bucks off of individuals.
Businesses understand that problems arise. What they want to see is immediate action taken to rectify the problems.
Business 101. Even if the problem can be easily fixed by flipping a switch on your end that the customer never has to know about, always show the client "you did something to fix the problem". This is an in-your-face-we-are-taking-charge action. Even though it is completely unnecessary from a security standpoint, it is necessary from a business one.
No.
Github is primarily a B2B company. They're not making their big bucks off of individuals.
Businesses understand that problems arise. What they want to see is immediate action taken to rectify the problems.
Business 101. Even if the problem can be easily fixed by flipping a switch on your end that the customer never has to know about, always show the client "you did something to fix the problem". This is an in-your-face-we-are-taking-charge action. Even though it is completely unnecessary from a security standpoint, it is necessary from a business one.
They get it.