One of the former city employees had a login to scout 7 that belonged to a current city employee (not sure why, I think he’s used the guys login whilst he was at city).
As such it was a misuse of data. Scout 7 weren’t the problem
The case was settled.
Maybe back then (christ, it was 8 years ago - they're not half grasping at straws), but these days I think
some questions for Scout 7 would come up, just for holding data that was breached. Though ultimately they're not totally at fault.
The funny thing then is it's basically
City's fault! I know the semantics over "hacking" get tired but as boneheaded easily-avoidable security incidents go, an old employee's account being active is like IT Security 101... scratch that. It's good user management any IT Service Desk should do - let alone slip by InfoSec
Pointing at LFC is the weirdest and laziest outcome of this...