[nsp-sec] Level3, need to have you customer take this down.
John Fraizer
john at op-sec.us
Tue Jul 15 01:33:06 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bill Woodcock wrote:
> > Did nobody see my post to nsp-leo-sec this morning? :)
>
> Oop! Sorry, didn't mean to duplicate, just saw another mention of it, and
> saw that the site was still up.
>
> -Bill
No worries.
Just to put the facts out...
Lots of personal and identifying information included in the file in the
URL I posted to NSP-LEO-SEC this morning (one which Bill also posted
here)... In addition, the CC information appears to be 100% Federal
Government issued credit cards.
The financial fraud issues aside, the op-sec issues here are huge.
Given the FED representaion on NSP-LEO-SEC, I figured this was a
no-brainer to jump on.
John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFIfDaS+16lRpJszIgRAsS4AJwKR6yvaAhR0bvrXV8FVKlwvl4XeACghBye
AJsO3UlT2tC0zEJOR24k/4k=
=Xn+d
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list