From: HINDERER Vincent (vhindererlexsi.com)
Date: Fri Jun 15 2007 - 06:58:55 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The operators of an X-rated Paris Hilton web site exposed the credit
card
numbers and identities of about 750 subscribers who signed up after the
site recently returned online in the face of a federal court injunction,
The Smoking Gun has learned.

After a tip from a visitor who read TSG's June 11 story about the
re-launching of the site, parisexposed.com, a reporter was able to
easily
access the subscriber list by changing a few characters in the web
address
for the site's sign-up page. Included in the lengthy list are a
subscriber's name, e-mail address, password, phone number, mailing
address,
and credit card number.

[snip]

More:
http://www.thesmokinggun.com/archive/years/2007/0613071exposed1.html

(Thanks to Ferg on [funsec] mailing-list)

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tracking more than 209 million compromised records in 700 incidents over 7 years.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]