Re: [EDU-ops] [Full-disclosure] Who Do I Contact?

Yeah looking at just 'new' students there are potentially 7,000+ socials that can be stolen. This does not include students already attending. I dont know an exact count of the student population, but only had a new student registration list posted on site. So estimates are based on those and the fact that parents' SSNs can be viewed too because were provided for financial aid. So a family's identity can be stolen in turn =o/

----- Original Message -----
From: RLVaughn <Randy_Vaughn@xxxxxxxxxx>
To: "Gadi Evron" <ge@xxxxxxxxxxxx>
Subject: Re: [EDU-ops] [Full-disclosure] Who Do I Contact?
Date: Sat, 22 Apr 2006 11:41:59 -0500

Gadi Evron wrote:
CrYpTiC MauleR wrote:
I am sorry I am not going to say who the school is. Mainly
because so many socials numbers are at risk including mine. I
have contacted the VP of Information Technology and he assured
me he would call the company that makes the website. After 20
days the hole was not fixed, so I called the department heads
and am giving them 48 hours from then which is now currently at
24 hours before I move onto notifying someone else. I was also
thinking about contacting FBI about this seeing they handle
school breaches but not sure.

I will not go full disclosure with the info, collect SSNs and
show school (illegal) and also please don't ask me for the
school's name or the details of the hole. The school has been
careless even with the tech department making a support ticket
about my initial report which I later found out anyone could
view too. They obviously don't know how to do anything right. So
if anyone could provide me with a phone number or place I can
contact would be great. Please do not reply with a name or
number without it being posted on a credited site or be easily
verifiable. I am not going to just randomly call whoever someone
tells me too. Could be some idiot wants to just trick me into
giving the details to him. Thank for the help so far guys!

I will see if someone can contact you.
EDU-ops mailing list
I am checking on an appropriate contact. I fully understand your desire to
establish a credible contact and to protect information at risk. Given
this is a weekend a contact may not be forthcoming until Monday or Tuesday.

Best Regards,
Randal Vaughn
Professor, Information Systems
Baylor University
(254) 710 4756

Check out the latest SMS services @
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -