This is the oddest reporting on a data security breach I have ever seen. It’s bizarre, and seems to fall outside the typical protocols for dealing with security issues.
For example, this is from www.nbcnews.com:
After Bernie Sanders' presidential campaign was disciplined by the Democratic National Committee for improperly accessing the Hillary Clinton campaign's proprietary voter database, documents obtained and reviewed by NBC News appeared to show that at least four individuals affiliated with the Sanders campaign conducted searches and saved the Clinton campaign's lists of potential voters over a period of more than 40 minutes.
…
A series of documents outlining an audit trail maintained by the database company, obtained and reviewed by NBC News, shows that the four individuals spent a total of about 40 minutes conducting searches of the Clinton data. Those searches included terms that point to Sanders' team gaining access to proprietary lists from more than 10 early voting states of Clinton's likely supporters as well as lists for Sanders backers. That data was saved to personal folders.
For safety’s sake, security breach information is usually held close to the chest. Most security breaches aren’t even reported to media unless there is a danger that users need to be made aware of. You don’t want to give hackers any ideas or provide them with road maps. Security issues should be hush hush by their very nature.
I have never seen an audit trail of an actual breach being passed on to the media before. For me, this is unheard of. While, in this case, it may not actually pose a significant risk, it is most definitely bad practice.
This information wasn’t passed on to media to warn end users, so what was the purpose in its being released? And who decided to release it?