I read that thread, it's quite concerning. Now I'm wondering how to determine if other providers are doing the same thing. I suppose I can test on a new instance, but that can only tell me definitively if they are doing it, not if they're not.
The thread is 7 years old, and DO hired competent people along the way.
The issue is not that it happened, or that they had clueless staff; the issue is that their board and senior management thought that the best way to respond to their own error was to blatantly lie in their blog that there was no problem at all.
It seems to have worked; they're massively valuable now.
