The guy LITERALLY MADE A FILE WITH HIS SFTP CREDENTIALS
Uploaded accidentally to the Wordpress server
A hacker scanned our server, found the file, used the credentials and then we got hacked
And he swears that he DIDN'T MAKE THE FILE, HE NEVER SAW THAT SHIT BEFORE
Guys I'm not paid enough for this