As much as I dislike Hillery, something about this article is not passing my smell test.
If it is a criminal breach of security to identify a SAP member, would it not be just as serious a breach to identify a SAP manager? Even a former one?
See freepmail.