I'd love to see this happen to every billion dollar company that doesn't have a bug bounty program. Offering zero incentive for reporting vulnerability just encourages hackers to exploit it for their own advantage or to wreak havoc.
As a paying customer, I expect better from these companies and personally wouldn't blame the hackers for exploiting their findings if no program exists.
The Federal Government? Thank goodness these companies only operate in one country. Or we've finally succeeded in uniting under one singular world government
In case you haven't noticed, the FBI charges hackers across the world on a frequent basis. And you should fear them regardless of what country you're in if you're going to be messing with American companies. I've worked at companies where the FBI caught our engineers that were offshore stealing IP. The Company didn't have a clue, they are watching anything and everything that concerns American interest and yes there are no jurisdictions/borders stopping them, outside of Russia, Iran and NK ofc.
What if the billion dollar company has a responsible disclosure process and internal vulnerability management program and has just decided not to pay for unsolicited bug reports? Where is the negligence?
As a paying customer, I expect better from these companies and personally wouldn't blame the hackers for exploiting their findings if no program exists.