Goodness

My coworker got promoted over me. He was worse at coding. Better at politics. I wrote better code. Fixed more bugs. Shipped faster. He talked in meetings. Took credit. Played the game. He got the promotion. I got "keep up the good work". That's when I realized: corporate rewards politics, not performance. Six months later I quit. Started freelancing. Now I make 3x his salary. No politics. No credit-stealing. Just solving problems and getting paid directly. The best developers rarely get promoted. They get used. Companies optimize for compliance and communication. Not competence. If you're technically great but politically terrible, you'll never win at corporations. Leave. Build your own thing. Get paid for your actual value.

Nine days ago, a major Kenyan health-tech startup was allegedly hacked, exposing the personal records of 4.8 million Kenyans. The platform was designed as a “health wallet,” allowing users to save, send, and pay for medical treatments or insurance. A hacker under the alias Kazu claimed responsibility for the attack, boasting about stealing 2.15 terabytes of data. He even leaked a 2GB sample online containing 114,000 real user records. Dates of birth, full names, national ID numbers, phone numbers, and even medical diagnoses, treatment details, and billing information from hospitals across the country were exposed. The ironic part is that just two months ago, the startup announced it had achieved ISO 27001:2022 certification, something considered the gold standard for information security management. No one yet knows exactly how the attacker gained access. It could have been through a vulnerable API endpoint, leaked credentials, or misconfigured cloud storage. I can only imagine what the company is currently facing or will face very soon. It’s likely one or more of the following: 1.Mass lawsuit 2.Severe reputational damage (loss of customer & investor trust) + mass customer panic and account deactivations 3.Fines & sanctions from regulatory bodies A platform built to make healthcare more accessible has now put millions at risk of identity theft, financial fraud, and even blackmail. Imagine stumbling upon a colleague’s medical history & discovering they’ve been treated for a chronic infection or disease. Security should be a shared responsibility across teams & must be considered from the planning phase of the SDLC.