Security Horror Story: Accidentally exposing PII data
A software development team working under immense pressure and with an unclear project vision accidentally exposed Personally Identifiable Information (PII). The issue arose when they added a feature to their mobile app that allowed users to claim properties, which exposed the UUID of user profiles in JSON format. This leak linked physical addresses to email addresses, compromising user privacy. The fix was simple, but the aftermath involved numerous questions and paperwork. Lessons learned included implementing proper logging, reviewing data models, and promoting security awareness within the development process.
Company
Snyk
Date published
Oct. 25, 2021
Author(s)
Brian Vermeer
Word count
1008
Hacker News points
None found.
Language
English