Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Who Do I Contact?
From: "Brian Eaton" <eaton.lists () gmail com>
Date: Sat, 22 Apr 2006 12:52:14 -0400

On 4/22/06, CrYpTiC MauleR <crypticmauler () linuxmail org> wrote:
I am sorry I am not going to say who the school is. Mainly because so many
socials numbers are at risk including mine. I have contacted the VP of Information
Technology and he assured me he would call the company that makes the website.
After 20 days the hole was not fixed, so I called the department heads and am
giving them 48 hours from then which is now currently at 24 hours before I move
onto notifying someone else. I was also thinking about contacting FBI about this
seeing they handle school breaches but not sure.

How about notifying the school newspaper?  Take a tech savvy reporter,
prove to them the hole exists, and let them get some quotes from the
VP of IT explaining exactly what the school is doing to fix the
problem.

A little sunshine can have some wonderful effects.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]