A security researcher found customer names and workplace affiliations spilling directly from Hapn’s servers.