[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ACM.ORG data leak still there 4 days after announcing to CEO John White

To: the hacker <info@xxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] ACM.ORG data leak still there 4 days after announcing to CEO John White
From: Stack Smasher <stacksmasher@xxxxxxxxx>
Date: Thu, 25 Feb 2010 08:18:53 -0700

Seriously dude this is not a big deal. This site does not have any
information worth protecting. Stop acting like you hacked the fucking
Pentagon and move alone.

 They don't give a shit and nether does anyone else.

Its a professional group who would give you the information you found if you
asked nice enough!





On Mon, Feb 22, 2010 at 10:07 AM, the hacker <info@xxxxxxxxxxxxxxx> wrote:

>  4 days since I informed ACM's CEO John White of the severe data leak on
> acm.org - but the leak has not been fixed
>
> 26 hour after contacting ACM and 2 hours after a reminder to the CEO I got
> an email from ACM member services:
>
> "Thank you for pointing out the security issues you located on acm.org. We
> are in the process of updating these security issues."
>
> But that was 3 days ago and nothing has changed - they did not even ask me
> where the leak is!
>
> as stated before full postal and email address data can be extracted from a
> database & also overwritten
>
> I'm going to write CEO Mr. White again and attach a sample of 2500
> extracted addresses & send it to some CC's
>
> Its weird, I mean this company is not selling flowers, ACM states on its
> website that " ACM is an educational and scientific society uniting the
> world's computing educators, researchers and professionals to inspire
> dialogue, share resources and address the field's challenges. ACM
> strengthens the profession's collective voice through strong leadership,
> promotion of the highest standards, and recognition of technical excellence.
> ACM supports the professional growth of its members by providing
> opportunities for life-long learning, career development, and professional
> networking."
>
> so where is technical excellence here???
>
> details & screenshot of extracted data on http://www.the-hacker-news.com/
>
> follow this on http://twitter.com/_the_hacker_
>
> the hacker
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
"If you see me laughing, you better have backups"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] ACM.ORG data leak still there 4 days after announcing to CEO John White
  - From: the hacker

Prev by Date: Re: [Full-disclosure] EasyJet is storing user passwords in the clear
Next by Date: Re: [Full-disclosure] EasyJet is storing user passwords in the clear
Previous by thread: Re: [Full-disclosure] ACM.ORG data leak still there 4 days after announcing to CEO John White
Next by thread: Re: [Full-disclosure] Oracle eBusiness Suite 11i - Cross Site Scripting - All Parameters
Index(es):
- Date
- Thread