Yeah, the term "breached" was a very poor choice, because it sounds like "this was breached recently" instead of telling "the database could be seen by anyone ever since the app's conception, and it only came to light today" which has much worse implications.

This app's data store was "breached" in the same way that one breaches a castle by walking across the lowered drawbridge, through the open gate, past the empty guard stations.

My general observation thus far has been that submissions from 404media are rarely anything that I'd consider quality content for HN.

I wouldn't go that far. What they uncover with their FOIA requests that the general public would otherwise never know about tends to be quality content. And, like the Wired, their FOIA-based articles aren't paywalled.

This kind of pedantry drives me crazy.

If i leave my house unlocked and someone walks in and takes my TV, they still committed a crime!

Just because it was irresponsible of me, they still BREACHED MY PRIVACY.

The correct ethical behaviour in situations like this is to report to the site that this information is exposed, not download it and archive and repost it.

EVEN IF you believe that the app is itself unethical, you cannot tell from just the drivers licenses of the users who signed up that they have themselves done anything unethical justifying reprisal.

No one "breached" the site. The pictures sat on a public-facing Firebase bucket, ripe for the taking.