3.4 KiB
Are you the copyright holder or authorized to act on the copyright owner's behalf?
Yes, I am authorized to act on the copyright owner's behalf.
Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.
I am [private] for Transposit Corp. I am one of the "owner"/"admin" for the Transposit github organziation. I am duly authorized to act on the behalf of Transposit Corporation for the intellectual property of our code base. You can see my profile on LinkedIn: [private]. My work email is [private]. The other owner, [private], is [private].
Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.
The repository: https://github.com/nivead-transposit/ci-test was accidentally forked/cloned as a public repository and is a direct copy of our private code base from 2 years back. We discovered that this was the situation on Thursday 12/17/2020 via a security researcher who pointed out that some of our code base was public. It also contained a couple of references to API tokens with the URL. Both the Wavefront & the OpsGenie tokens have been cycled, but they were still valid tokens that were exposed.
What files should be taken down? Please provide URLs for each file, or if the entire repository, the repository’s URL.
The complete repository. https://github.com/nivead-transposit/ci-test
Have you searched for any forks of the allegedly infringing files or repositories? Each fork is a distinct repository and must be identified separately if you believe it is infringing and wish to have it taken down.
It appears this is the only case like this.
Is the work licensed under an open source license? If so, which open source license? Are the allegedly infringing files being used under the open source license, or are they in violation of the license?
Not that I am aware of.
What would be the best solution for the alleged infringement? Are there specific changes the other person can make other than removal? Can the repository be made private?
We contacted [private] who is the former employee that made this mistake. Unfortunately, he wasn't able to access the github account because it requires a log in with [private]. We recreated that email and attempted to access the account (with [private]'s cooperation), however, he didn't have any form of the MFA that allowed either of us to access the github account.
Do you have the alleged infringer’s contact information? If so, please provide it.
[private]
I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.
I have taken fair use into consideration.
I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.
I have read and understand GitHub's Guide to Submitting a DMCA Takedown Notice.
So that we can get back to you, please provide either your telephone number or physical address.
[private]
Please type your full legal name below to sign this request.
[private]