And don't use the same address more than once which they obviously have FAILED to do thus leaking their public key to the whole world.
Where are you referring to? The BitcoinEater address? If so, it hasn't revealed its public key, since it's a burning address. You reveal your public key when you spend one of the outputs.
I would point out that in order to know the public key, you either need to have access to the private key, or have learned information from someone who has access to the private key. The "bitcoinEater" address is claimed to be an address for which no one has the associated private key. If this is true, there is no projected risk that the private key will be able to be calculated based on the address. If it is not true, whoever has the private key can just steal the coin.
Obviously, it is difficult to know with certainty if the "bitcoinEater" address is really one for which no one knows the private key.