That was a security engineer modifying internal security tooling without proper permissions/reviews.

The union piece was probably extra motivation but still you just do not do that to security infra, it should always be a firing offense unless it was a truly exceptional circumstance.

Conversely, this guy was in a DevRel role where it sounds like they released open source stuff all the time and the line was a lot more fuzzy (admittedly I've only heard one side of the story).