The takeaway
Leaving aside all the sensationalism in the article, it seems worth pointing out:
1. Secrets do not belong in version control. This can be enforced by developer education and by the use of pre-commit hooks as a second-level safety net (furthermore, I believe that GitLab can be set to reject commits containing potentially sensitive data?).
2. Once a secret has leaked, a take-down request may be a mitigation step, but by no means does it solve the problem. That was an expensive mistake to make.
Biting the hand that feeds IT
