| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: cta at hcsin.net (Bernie, CTA) Subject: Bankruptcy Court IT Security Contact Does anyone know the email address of the person responsible for the Security of the information systems of the United States Bankruptcy Court? I attempted to write them and bring attention to a simple security/privacy flaw in their system, which if exploited enables identity thieves to easily obtain personal and private information, including a debtors' PHI (Protected Health Information) that is protected from unauthorized disclosure pursuant to HIPAA Privacy Rules. While putting aside the HIPAA issues, and the fact the debtor must disclose certain information about their estate to "interested parties" and the general public, this may not appear significant from the standpoint of a Chapter 7 debtor. However, such flaw facilitates Identity Theft and may expose certain "private" information of a chapter 7, 11 or 13 debtor, to a "non- interested party", unjustly placing the debtors' financial assets at risk. I would like to give the person(s) accountable time to address the flaw or respond before it is fully disclosed. tic… tic… tic… - **************************************************** Bernie Chief Technology Architect Chief Security Officer cta@...in.net Euclidean Systems, Inc. ******************************************************* // "There is no expedient to which a man will not go // to avoid the pure labor of honest thinking." // Honest thought, the real business capital. // Observe> Think> Plan> Think> Do> Think> *******************************************************
Powered by blists - more mailing lists