This still happens at some firms every so often with source code and private signing key sets.
The issue is usually management making an arbitrary call on who is part of the development pipeline. Thus, for a time some contractors and partners may get a backup of the build tree or temporary repository access (if you catch the "new" users.)
It is harder than one would think to keep things confidential...
Cleaning up after one of these leaks is another set of problems, but usually at that point it is better to jump ship.
The issue is usually management making an arbitrary call on who is part of the development pipeline. Thus, for a time some contractors and partners may get a backup of the build tree or temporary repository access (if you catch the "new" users.)
It is harder than one would think to keep things confidential...
Cleaning up after one of these leaks is another set of problems, but usually at that point it is better to jump ship.
Best of luck, =)