as the size of the company grows past a certain size, especially these "move fast and break things" idiots, i feel like the likelihood of this goes up. there are more and more people, someone is bound to do something stupid.
The fact that this is a big company is exactly why strict access policies are necessary! I might trust a handful of administrators, or a limited set of engineers whose data access is audited, but I sure as hell would not trust thousands of engineers with my private data.
Other tech companies (e.g Google) safely silo PII data, and any access has to be audited.
I cannot wait before GDPR is implemented in Europe... at least companies will be seriously fined if they want to cut corners on privacy and data protection.
