Agree on this being stupid.

> my bet is rather on awful security and infrastructure practices

For sure. As far as I know ByteDance does not have an established culture of always building secure systems.

You don't need to be a mastermind cracker. I've used/built several systems for research computing and the defaults are always... less than ideal. Without a beefier budget and a lot of luck (cause you need the right people) it's hard to have a secure system while maintaining a friendly, open atmosphere. Which, as you know, is critical to a research lab.

Also,

> from a different group

Sounds like it was more like a different sub-team of the same group.

From what I heard I'd also argue that this could be told as a weak supply chain attack story. Like, if someone you know from your school re-trained a CLIP with private data, would you really think twice and say "safetensors or I'm not going to use it"?