Dissent Doe :cupofcoffee:<p>In August 2020, <span class="h-card" translate="no"><a href="https://infosec.exchange/@SchizoDuckie" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SchizoDuckie</span></a></span> and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."</p><p>In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span>, <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span>, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.</p><p>Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately. </p><p><a href="https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/04/no</span><span class="invisible">-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/</span></a></p><p>Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to <span class="h-card" translate="no"><a href="https://infosec.exchange/@TonyYarusso" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>TonyYarusso</span></a></span> and <span class="h-card" translate="no"><a href="https://hachyderm.io/@bkoehn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bkoehn</span></a></span> for their efforts. </p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/incidentmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentmanagement</span></a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>responsibledisclosure</span></a> <a href="https://infosec.exchange/tags/securityalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityalert</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>