More likely is the case
"I've just found a glaring security hole in e-crappo's discount data storage service.... here's how I did it, heres the data"
And you store that e.mail (and data) to prove el-crappos is exactly what it says on the tin and to have a reasonable defence in case el-crappo turns around and tells the police
"he a l33t h4XX0r and hacked our database.... "
The guy can turn around and say "The root account was 'Admin" and the password was "1234" and it allowed logins from where ever instead of a white list of allowed IP addresses" and heres the proof (and emails I sent them)