Submitted 5 hours ago by King@sh.itjust.works to technology@lemmy.world
I remember in the mid 90s I was looking at Linux World’s website and they had just implemented account registrations that same day. I was fuzzing the website and they had left directory browsing enabled and the users, passwords, and email was sitting in a plain text flat file that was world readable.
I emailed them, didn’t get a response but within the hour the registration/login was disabled along with no more directory browsing.
Glad I gave them a virtual card number for Wired.com
I don’t believe card details are in there as they use a separate payment provider. (If I go to my account management page and attempt to modify my payment method, the page begins making many requests to Stripe)
But hey, it’s still got names, addresses, phone numbers, emails, all that jazz.
The zip archive is protected by a password, and I’d appreciate being able to verify if my data is actually in this breach as I’m a WIRED subscriber. If anyone has the password to the breach file, please let me know.
northernlights@lemmy.today 2 hours ago
Can’t they say what data has been stolen? It’s kinda important.