Re: Inside Job?
Why not? If you know who they are and have the ability to bring charges resulting in serious prison time if they renege on the deal it seems a fairly secure arrangement.
This happens all the time. Muppet commits keys to github, three random people get them, one of those three uses them. Corporate security/legal team contacts that person and asks them to delete what they've found. Usually it's just someone being curious and they're happy to, or already have.
If that person's a bit more ruthless and wants to gouge you for money, well it's probably worth it. Just paying the lawyers and CEO and all the PR people will cost more than Uber paid. It's a far cry from paying up to an anonymous ransomware author using Bitcoin.