
Idea for a third threat model example

Open hirasso opened this issue 6 months ago • 0 comments

As I was reading through the two scenarios described in the Tutorial, I had a strong feeling that one important threat model was not covered: Myself as a developer! The threat model goes like this:

  • I build a website that contains a contact form where submitters can leave their contact information
  • I store the submitted contact form data in my database
  • At some point in the future, I do a mysqldump and forget about the resulting *.sql file in a public folder on the server
  • I also don't have a .htaccess directive to prevent direct access to *.sql files

This is the scenario I find the most likely for many simpler websites. Data theft. Maybe you find this a useful addition to the scenarios? It's not so much about implementation but more about realizing a threat even exists.

hirasso, Aug 02 '24 13:08
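The defensive counterpart to this scenario, as an added example that is not part of the issue or the php-encryption project's own code: contact-form fields are encrypted with the library before they reach the database, with the key kept outside both the database and the document root, so a forgotten mysqldump holds only ciphertext. It assumes `composer require defuse/php-encryption` has been run and uses a hypothetical key path `CONTACT_KEY_FILE`.

```php
<?php
// Added example, not from the php-encryption project or the issue author.
// Assumes: vendor/autoload.php from "composer require defuse/php-encryption".
require __DIR__ . '/vendor/autoload.php';

use Defuse\Crypto\Crypto;
use Defuse\Crypto\Key;
use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException;

// Hypothetical path. The key must live outside the web root and outside the
// database, so it is never part of a dump or reachable by a direct URL.
const CONTACT_KEY_FILE = '/etc/myapp/contact.key';

function loadOrCreateKey(string $path): Key
{
    if (is_file($path)) {
        return Key::loadFromAsciiSafeString(trim(file_get_contents($path)));
    }
    $key = Key::createNewRandomKey();
    file_put_contents($path, $key->saveToAsciiSafeString(), LOCK_EX);
    chmod($path, 0600); // readable by the web user only
    return $key;
}

// What the form handler writes to the database: one ciphertext per field.
function encryptSubmission(array $fields, Key $key): array
{
    $row = [];
    foreach ($fields as $name => $value) {
        $row[$name] = Crypto::encrypt($value, $key);
    }
    return $row;
}

// What the admin view reads back. A tampered or foreign-key ciphertext
// raises WrongKeyOrModifiedCiphertextException instead of returning garbage.
function decryptRow(array $row, Key $key): array
{
    $out = [];
    foreach ($row as $name => $ciphertext) {
        $out[$name] = Crypto::decrypt($ciphertext, $key);
    }
    return $out;
}

// Constructed sample submission.
$key    = loadOrCreateKey(CONTACT_KEY_FILE);
$stored = encryptSubmission(['email' => 'alice@example.com', 'message' => 'Call me'], $key);
assert($stored['email'] !== 'alice@example.com');          // what a leaked dump shows
assert(decryptRow($stored, $key)['email'] === 'alice@example.com');
```

This reduces a leaked dump to ciphertext; it does not replace keeping dumps out of the document root or the `*.sql` access rule the issue mentions, which should be in place regardless.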