It's common knowledge that developers often leak sensitive information when they publish open source code. A single mistake can accidentally leak out enough information for an attacker to infiltrate a company and tear it down from the inside out or rack up huge bills in the name of mining bitcoin.