The operator passed on personal information without knowing if a Hetzner employee might be the bad guy. Hetzner passed on personal information without knowing the server owner might be the bad guy.
If the operator had contacted the server owner directly to let him know his box was hacked, the result would have been the same.
Why did the operator have the expectation that an uplink of the server wouldn't just forward the mail to the server owner?
Because Hetzner is an award-winning business who sells professional hosting solutions. You'd have a point if the company in question was some dodgy garage operation, but Hetzner isn't.
If EFNet are going to report the issue then there has to be a trustworthy contact at some point along the chain of network ownership, and Hetzner should have been that point. Quite frankly, it's irresponsible for a company of that size to behave in that way.
No, Hetzner is a bottom of the bucket discount dedicated server company. They are the German version of ThePlanet, and will likely collapse under their own stupidity soon enough as well.
I've personally tracked botnets infecting thousands of machines back to command and control servers at Hetzner. Guess what happens when you send off the report? They forward it to the bot herder.
What would Efnet lose by redacting the name of the operator themselves before doing it? They still show timestamped logs, and [operator redacted]@ef.net would be enough to note that an operator reported the issue.
If the log included chat between the malicious user and the operator, the malicious user __already knows__ the operator's nick, so there's no additional information. If the log doesn't include that, then what reason is there to include the nickname of the operator?
Rather than expecting Someone Else to sanitize our information (which fields do you feel are critical to redact? real name? phone number? IP? zodiac sign? Made-up-nickname?), it seems like it's a good idea to proactively redact the information ourselves before making that abuse report.
The operator is the one that sent the email. Who are you suggesting should have redacted his name before transmitting it? Magic fairies in the SMTP servers?
They're not an ISP providing a dumb pipe. They're a hosting solution providing the servers that are generating the attacks. The attack is originating from them, not personal equipment relayed over their pipes.