Compromise is such a ..... dirty.... word
Are we ***sure*** that there has been a compromise.....
I mean, all it takes on one little design specification saying that upon error the system is to blurt out all of the access credentials ever used for it, and its not compromised at all. It is operating by design :-)
Alternately, if the design specs didn't **explicitly** say that outputting passwords was disallowed, then again, the system is operating as designed.
It's not as if somebody actually hacked them :-P
Sigh