Should GitHub be liable for any damages caused by this issue, like some think Crowdsec should be for what happened last week?

Morally seems even worse, Crowdsec did it by accident, GitHub knows about it for years now.