[Dataloss] Website Exposed More Than Paris Hilton
HINDERER Vincent
vhinderer at lexsi.com
Fri Jun 15 11:58:55 UTC 2007
The operators of an X-rated Paris Hilton web site exposed the credit
card
numbers and identities of about 750 subscribers who signed up after the
site recently returned online in the face of a federal court injunction,
The Smoking Gun has learned.
After a tip from a visitor who read TSG's June 11 story about the
re-launching of the site, parisexposed.com, a reporter was able to
easily
access the subscriber list by changing a few characters in the web
address
for the site's sign-up page. Included in the lengthy list are a
subscriber's name, e-mail address, password, phone number, mailing
address,
and credit card number.
[snip]
More:
http://www.thesmokinggun.com/archive/years/2007/0613071exposed1.html
(Thanks to Ferg on [funsec] mailing-list)
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
More information about the Dataloss
mailing list