I think I am in the neither condone nor condemn crowd although I see several factors at play and I do not doubt I am overlooking many more. For me at best an interesting phenomenon and I guess by virtue of that alone it will be somewhat memorable although this sort of thing is not all that novel. I might have chosen to tweak the data (did a bit of hashing to the end of enough to tell sort if thing) to make it fit for release.
I will state though I have not seen any analysis of the attacks and if it was just a bunch of simple SQL injections (although being vulnerable to such things in this day and age is a noteworthy oversight) it loses the "how novel" compliment I might pay them.
I have issues with some of the analogies being tossed around here (I have issues with most analogies in a moral debate) if only because before that starts we need to establish the scope of "ill" actions and so far as I know nobody in history has pulled that one off yet and probably never will but I wish to avoid discussing that as it does not look like it will lead anywhere interesting. I only hope this choice will stand up and I can avoid making more but get my point across. Back on topic as it were and continuing with the factors at play thing
The notion of privacy and it being something worth having and it being forced into the spotlight where it has effectively danced on the edges for some time (although I do not wish to suggest this was a cause and effect thing).
The idea that the trust unpinning a lot of things is misplaced. To say nothing of what is considered valuable data [insert dig at social security numbers] and how it works [insert dig at credit scores].
Re: Got together and decided let us have bad security.
Because inaction (either by straight up inaction or fobbing it off on Johnny just did three years of java) counts for nothing?
Re: Stealing is still stealing whether from a bank vault or secured with a post it.
Certainly but there is another phrase that needs to be mentioned and it is "duty of care".
"Finally they're gone. The should just contacted the companies and tell them to get their shit straight. If they didn't THEN they should make the shit public.. "
Such things have been done for years. In a way this might have been a "the old way is not working" type of thing.
"My data"
Several things occur to me at this juncture.
It was not your data but the data holders (give or take licensing concerns) but that feels like restating things said elsewhere in this reply at best or a cop out at worst so I am not inclined to ponder it for too much longer.
Was the data worth the service? (assuming an unmolested system).
Following the duty of care thing might it cut both ways?
"At first I used to like them but after they published my personal info I started to hate them. "
No reply at the moment I just wanted to quote it.
"Deserve"
An interesting concept and it is no accident it follows the last quote. Certainly I would not begrudge a few moments of my time to help someone pick up a few pieces of their electronic existence as it were but more generally
"out to cause mayhem and chaos at the expense of people who have done them no wrong"
I want to rephrase that
"...undertook actions that were likely to cause some measure of mayhem in their wake and likely those on the receiving end had no reason to expect attack". Were I to be so bold as to read in some underlying logic to their actions I would say something like "can't make an omelette without breaking a few eggs. Certainly it sucks to be the eggs though.".
@Foxi4 and the hacking scene certainly there are many that follow that ethos and "culturally" speaking it is a very important one but I find it hard to believe that it is even the majority ethos/philosophy (pen testing both commercial and otherwise (the likes of backtrack), the ever popular colours of hats err debate and all the various related branches of hacking culture (lock picking, the conventions, the books and so on).
[edit]@Puppy_Washer before you head further into this can I point you at the definitions of social engineering and cryptography/electronic security[/edit]
I see I am drifting off into something more resembling a philosophical debate with more than a pinch of sociology and wondering at the big picture appearing so I think I will end with two main links
http://www.youtube.com/watch?v=5CWrzVJYLWw
http://www.youtube.com/watch?v=YDW7kobM6Ik
and a sentence along the lines of
These are interesting times we live in where physical force counts for less and less (I might liken it to the introduction of the crossbow), the ability to comprehend the effect of things is actually lessened vs biology (
http://www.youtube.com/watch?v=LTO_dZUvbJA ,
http://www.youtube.com/watch?v=VO6XEQIsCoM...;feature=relmfu ,
http://www.youtube.com/watch?v=pQItB5uoiHI...feature=related ), we are starting to reap what has been sown with regards to the idea of privacy and the treatment of it, motivations for people at least have the potential to be radically different to what traditionally might have came before and frankly I would not go back.