This is wrong and risky at so many levels, not sure if using the big tech name here was a clickbait in the first place
1. Not all employees have access to account and user data in any medium+ size company
2. What one does in their own time is personal business but what one does in their own time on company IP is not personal anymore. The person might even get fired, the karma point or couple hundred are not worth the risk.
3. This just creates a channel to identify the weak links in human chain for phishing attacks
Ironically instagram was not even in the list for selection for the form
1. Not all employees have access to account and user data in any medium+ size company
2. What one does in their own time is personal business but what one does in their own time on company IP is not personal anymore. The person might even get fired, the karma point or couple hundred are not worth the risk.
3. This just creates a channel to identify the weak links in human chain for phishing attacks
Ironically instagram was not even in the list for selection for the form