Website Exposed More Than Paris Hilton

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sending to funsec instead of privacy, because... well, because
it involves Paris Hilton. :-)

Via The Smoking Gun.

[snip]

The operators of an X-rated Paris Hilton web site exposed the credit card
numbers and identities of about 750 subscribers who signed up after the
site recently returned online in the face of a federal court injunction,
The Smoking Gun has learned.

After a tip from a visitor who read TSG's June 11 story about the
re-launching of the site, parisexposed.com, a reporter was able to easily
access the subscriber list by changing a few characters in the web address
for the site's sign-up page. Included in the lengthy list are a
subscriber's name, e-mail address, password, phone number, mailing address,
and credit card number.

[snip]

More:
http://www.thesmokinggun.com/archive/years/2007/0613071exposed1.html

Enjoy. :-)

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.1 (Build 1012)

wj8DBQFGcWmHq1pz9mNUZTMRAmbsAJ9shChR6dOV8QR9nGFyUrOKf2ofPQCeJD7R
jn3AuWxZhl0DsI39qKDXaMY=
=RGgo
-----END PGP SIGNATURE-----




--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.