I've just received a responsible disclosure email, detailing several problems with a publicly accessible Postgres database. The person and company behind the email appear to be legit, and I've no reason to doubt the venerabilities they've discovered.
Only problem is that it's not my database […]
