> leaked a bunch of data, and it wasn't disclosed, but Microsoft knew about it
Didn't we just have a topic here on HN how not disclosing the breach within 4 days is a securities fraud? Since Nov 9 there has been more than 4 days, so either there was no (material) breach, or Microsoft committed securities fraud and somehow expects to get away with it.
Why? Whoever is responsible for the data, we could assume if MS knew it, the owner of the data knew it too - if it's not MS, MS would notify them immediately. Of course, there's an option that the owner is privately held, has no investors and no interested third parties and no clients - then there's nobody to notify and nobody to defraud. But who would that owner be then?
Didn't we just have a topic here on HN how not disclosing the breach within 4 days is a securities fraud? Since Nov 9 there has been more than 4 days, so either there was no (material) breach, or Microsoft committed securities fraud and somehow expects to get away with it.