Dear all, as one of the editors of Code4Lib Journal I would like beg your pardon for the security incident.
Since the journal is edited by a group of volunteers and we do not have any formal organizational structure, we as a journal do not have yet an common answer, but I can tell you my private opinion. Right now we are considering the suggestions of the open letter. Some of them could be implemented and there is a high chance that will be implemented. In this particular case we made a couple of editorial, communication related and technical mistakes, but we are aware of the importance of the problem, and I personally disagree that the data breach happened because we did not take care of the ethical concern. In this case - and again speaking only from my part - I did not have the necessary knowledge to check the content of files in a particular (Power BI) format, and thus I was not aware of the real content of that files (the article itself doesn't tell details about the content of the attached file). It is sure we are taking care of this issue and the open letter, and we act accordingly. I hope that in the following days we will also have a better statement than mine, that will reflect the opinion of all editors. I beg your pardon again, Péter Király