I'm not sure what you mean? Do you mean how was this reported?
No.
The first time it was discovered, if not by someone who deliberately search to find issues (QA, hackers and the likes), it was within a valid, good intentions business case which was under development.
One of the vulnerabilities include names and data. Before this vulnerability was known, what justified those (probably weird) names for databases, schemas?
We will never knows, just wandering, base on names assumption, how to go into that direction to fall into the issue.