contact the 'highest authority' of that 'facility' and tell them what is possible with their website/intranet. and let them know that *your* personal info is on the street, and that you, did not gave any permission to do so, then demand a resolution. (USA is a lawsuit to happen??)
if not then a """"""" . You have read it before in the mail thread what to do..
however, i'm having trouble with the fact that its a personal thing... thus keeping us not informed of the issue so and so, while some other *** can retreive info and do things that *you* are afraid of. (reason why you did not gave it in the first place) just because you didn't know that you are not the only guy knowing of the flaw... and thus compromising others of the flaw.
I love the Full disco
Just My 2 cents
D
On 4/22/06, CrYpTiC MauleR <
[EMAIL PROTECTED]> wrote:
If there is a security hole in a site of an educational institute that exposes social security numbers and they have not fixed it even when told about it. Who can be contacted to get it done? Department of Education? If so anyone know a phone number I can call? Btw this is in the USA.
--
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
