, SecurityFocus 2003-09-25
At least 1,000 automobile shoppers who submitted online credit applications to any of 150 different automotive dealerships around the U.S. had their personal and financial details exposed on a publicly-accessible website, according to a computer security consultant who stumbled across the privacy gaffe.
Expand all |
Post comment
Car shoppers' credit details exposed in bulk
2003-09-25
Anonymous (3 replies)
Anonymous (3 replies)
Car shoppers' credit details exposed in bulk
2003-09-25
Anonymous (2 replies)
Anonymous (2 replies)
More than likely, the CIO's idea of IT security is a web designer who set up a web server and believed that because the transaction was handled via SSL, everything was encrypted.
Besides this, how often is IT security listened to by the system and network admins? How often are IT security allowed to do penetration tests, just for the heck of it. How often is IT security allowed to review all code from another department, in this instant web development?
The CIO is fully to blame in my mind ...
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/7067/22725#22725