lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat Apr 22 19:10:17 2006 From: crypticmauler at linuxmail.org (CrYpTiC MauleR) Subject: Who Do I Contact? I called the FBI they said to call the local police, who then told me to call the Attorney General of that state. I can't speak to him or anyone in his office until Monday due to being close on weekend. So school is lucky to get an extra 24 hours to fix this. > ----- Original Message ----- > From: "Gadi Evron" <ge@...uxbox.org> > To: "CrYpTiC MauleR" <crypticmauler@...uxmail.org> > Subject: Re: [Full-disclosure] Who Do I Contact? > Date: Sat, 22 Apr 2006 19:30:00 +0200 > > > CrYpTiC MauleR wrote: > > I am sorry I am not going to say who the school is. Mainly > > because so many socials numbers are at risk including mine. I > > have contacted the VP of Information Technology and he assured me > > he would call the company that makes the website. After 20 days > > the hole was not fixed, so I called the department heads and am > > giving them 48 hours from then which is now currently at 24 hours > > before I move onto notifying someone else. I was also thinking > > about contacting FBI about this seeing they handle school > > breaches but not sure. > > > > I will not go full disclosure with the info, collect SSNs and > > show school (illegal) and also please don't ask me for the > > school's name or the details of the hole. The school has been > > careless even with the tech department making a support ticket > > about my initial report which I later found out anyone could view > > too. They obviously don't know how to do anything right. So if > > anyone could provide me with a phone number or place I can > > contact would be great. Please do not reply with a name or number > > without it being posted on a credited site or be easily > > verifiable. I am not going to just randomly call whoever someone > > tells me too. Could be some idiot wants to just trick me into > > giving the details to him. Thank for the help so far guys! > > > > I can connect with the secret service, but I am not sure they are > the right people. > > Without even some minor details, I can't help. > -- /~\ The Green > \ / Ribbon Campaign > X Against Purple > / \ Ribbons! -- "The Geometry of Shadows", Babylon 5. > -- _______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by Outblaze
Powered by blists - more mailing lists