zlacker

>>terafl+(OP)
Hi everyone - I'm the head of product here at Triplebyte. We did not make any intentional change to how profile visibility functions and (to the best of my knowledge) the issue referred to in OP's support response (and mentioned in the second half of OP's post) was fixed last year. (See my comment at the top of OP's link [4] for more from then.)

We'll have a more complete answer shortly.

EDIT: This does not appear to be a widespread issue. Continuing to investigate.

EDIT2: Full response from Ammon, our CEO, at https://news.ycombinator.com/item?id=31771836

>>rachof+vo
I appreciate you taking this seriously. If it turns out that it's indeed not a widespread issue, I would take that as a positive outcome because it means fewer people had their data exposed.

But I hope you can understand why I'm skeptical: not just because of Triplebyte's track record, but also because the customer support representative who responded to me seemed to be under the impression that this hadn't been fixed retroactively. If I'd instead gotten a response that said "hang on, that shouldn't have happened, give us some time to figure out what's going on", I would have found it a lot less concerning.

>>terafl+Nx
Yeah, totally understandable. Although I don't want to throw our support folks under the bus here either: it's really hard to be 100% accurate when you're dealing with years of relatively fast-paced development. If you respond to enough emails with your best guess, you're gonna get one wrong eventually, and once in a while that one happens to spook people!

Anyway, tl;dr - see Ammon's top-level reply.