All this talk about Nick Benson of TJX getting fired for exposing company confidential information is pretty also-ran. I can't remember what movie it was (maybe Coach Carter) where the coach tells a celebrating player to "act like he's been there before" when he scored a basket…(or was it a touchdown?)

It really shows the level of immaturity of the entire security space to see "professionals" who not only applaud this kind of behavior, but actually advocate it. I guarantee you, these advocates are folks who haven't really seen the inside of more than a couple of small companies in their careers. (Btw – kudos to those who counseled against the behavior either publicly or privately.)

Anyone who has been around large companies and knows something about IT environments knows that these types of problems are routinely identified and addressed (and newly created and identified and addressed, etc…). Yes, this stuff happens all the time and there is no reason to go public with the information.

Benson probably is a nice kid, and it is too bad that this kind of behavior is encouraged. I suspect he didn't realize that he likely increased the risk of those vulnerabilities being exploited a thousand-fold, but keeping secrets is only in vogue if it is self-serving (as with your personal information).

He got fired for something every employee should be fired for. Hopefully, it was a lesson learned.