How do you inform an organization of exposed sensitive data?
If you came across a Google result which brought you to a Google Sheets page which had login credentials to multiple websites; how would you go about ethically informing the organization of their compromised information?
Contact their security team. They should have contact details on their website. Provide links to the data. Do not copy/send any of the data.