lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060705080906.5BE9BDA820@mailserver8.hushmail.com>
Date: Wed Jul  5 12:22:51 2006
From: screwedbytaxes at hushmail.com (screwedbytaxes@...hmail.com)
Subject: Who should i contact?

Hello all,

The recent thread on the exposed data containing hospital records 
made me think to ask something here.

I have recently received spam to several email addresses created 
explicitly and solely for filing my US federal taxes online through 
an internet tax filing system. The emails I received are tied to 
four separate filings by four separate people on a COMPLETELY 
unrelated subject through an IP address managed by a completely 
different person than the entity that these addresses were given 
to.

I've already asked the tax filing company for more information 
about any breaches they may have suffered and what other 
information may have been exposed. They asked for the source 
emails, which I provided, and I have not heard back. This was over 
a week ago.

What should I do? What would you do?

I'm not up on current legislation (I'm a part-time security guy), 
but would this fall under HIPAA (one of the people filing is 
disabled, that data was included on the online form), Sarbanes 
Oxley, GLBA, California Breach Act (I'm in CA)... or anything else?

Since it looks like they're not going to even respond to me, I'd 
like to nail them to the wall.

Thanks



Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ