judgecorp writes "A British IT student found a privacy flaw in the app Facebook provided for users to send New Year's messages to each other as the clock struck 12. By manipulating the web address of a greeting, Jack Jenkins found he could read and delete other users' messages. Facebook ignored his report, so he told the Verge which published it — Facebook then withdrew the app, fixed it, and put it back before the New Year rolled in. All without thanking or even responding to Jenkins."
Link to Original Source