“A: "I do not think it's relevant to talk about it as a security incident." B: "He still screamed the PIN code of the secure room to his colleague in the lobby of the company"”