"I think that IBM already HAD (recently let go in resource actions) some amazing infosec people"
How could this not be entitled "IBM's Dockers Pulled Down Around Ankles?"
(If that makes no sense, see dockers.com)
I didn't know people still used Swarm. #Kubernetes4eva
Big Blew indeed.
"Had the flaw been exploited"
Um, sorry, but how can they be sure it hasn't? If the only way to be sure is to re-image the servers, then it sounds like they won't really have any way to be sure.
Also: two weeks?!? Why was shutting everything down immediately until the issue was corrected not an option? It's not like this environment is heavily used by... oh, I get it. Non-critical, maybe even a let-it-run-so-we-see-if-anyone-tries-something test. Okay, as long as no personal data is lost, I'm fine with that.
Re: "Had the flaw been exploited"
Two weeks is easily long enough for a miscreant to take complete control of IBM's systems.
However, it's possible that they changed the locks immediately, and only took the old keys out from under the flowerpot two weeks later.
Why is it so hard to learn not to leave the keys outside?
Other people's computers you have no control over, nor guarantee of data security