From my experience working on financial systems, PII leaks rarely happen because someone intentionally exposed sensitive data. Most of the time they come from ordinary engineering decisions made during development that aren’t caught by code reviews. For example, a developer catches an exception from a third-party API and logs the response payload for troubleshooting.… Read more
On building software and the decisions behind it