This is different from full disclosure because (1) in many cases the information is directly visible to the commmon user or publicly advertised by the company already, and (b) the insecurities aren't immediately directly exploitable (like plaintext passwords), just a risk factor in case of a hack.
