following the tea story, i want to share something that happened to me a few months ago, which is very similar. Basically, I wanted to get my taxes done so I contacted a mid-sized accounting business in Canada. They told me to register online and to send my documents on their online platform.

After sending my documents, I realize that, in my account, when I put my mouse over my documents, I see a link, like "taxwebsite.com/wp-uploads/2025/03/MyDocument.pdf". I'm not not a tech expert, but I'm more tech-savvy than the average person and I knew that this was pretty bad, but I thought maybe you had to be logged into my account to access this document or something. I tried copy-pasting the URL into another device that wasnt logged into my account, and yeah, to my big surprise, my document was accessible. So all the documents that their tens of thousands of clients uploaded to their website are literally out the open, totally accessible by an easy-to-guess public URL.

I then contacted the company by phone and explained the situation to a total tech-illiterate arabic cunt who acted like this was a nothingburger and told me to send all this info by email, which I did like 15 minutes later. I tell them this is urgent and it has to be dealt with.

3 days later my doc is still up, so I try to follow-up with them. No answer on the phone or email. 3 days later, doc still up, so I decide to file a complaint. But who the fuck do I call? My documents, along with the documents of everyone else, containing my SSN, adderss, full name, total income etc are 100% accessible by anyone. It doesn't even take any technical skills to access, and the information in there is pretty much the most valuable info a malicious actor could get. So it's a goldmine for any malicious actor. It's easy and worthy. Anyway, I tried researching on WHO to fucking call to make a complaint, and it seems like in Canada, we have nothing like that.

cont in next post

calling the police for that would be pointless, the cops where i live are 100% clueless lazy faggots. so i looked at government entities to contact in case of data breach, and there was 1 for federal, 1 for provincial. I tried contacting both of them by phone but it is literally impossible to get in touch with someone. The only thing I could have done was fill a form and "maybe" expect a reply in 6-8 weeks.

Thankfully, the CEO contacted me personally the same day, apologized and took my documents down. No idea if others are still up and I won'T search. But he said it took a week because their IT team was on it but didnt know what to do, which is obviously bullshit.

But what the fuck. I then searched and realized that even if someone accessed all the documents and sold everyone's PIIs, nobody at his company would face jail time or any consequences. They would basically just close the company and reopen it under a new name, with virtually zero consequences, zero accountability.

I've been blackpilled more than once in this world, but in regards to tech and cybersecurity, that's the biggest blackpill i've ever seen. What the actual fuck.

TL;DR
>send my tax docs with super sensitive info on an accounting website's "secure platform"
>all my docs are accessible by an easy to guess/scrape public URL
>panic
>reach the company and tell them to fix this
>nothing happens for 6 days
>want to make a legal complaitn somewhere
>nobody to call
>nobody to reach
>nobody to talk to
>nothing can be done about this
>if their clients PII get stolen, they wont face any legal repercussions or consequences
>kek

>solution