[Full-disclosure] ACM.ORG website has serious data leak again
- From: the hacker <info@xxxxxxxxxxxxxxx>
- Date: Fri, 19 Feb 2010 18:28:38 +0100
a serious data leak has been found on acm.org - full member information
including postal address and mail address can be extracted from the website.
In addition to that the data can also be modified
acm.org CEO John White has been informed more than 24 hours ago via
email about this problem, but there was no reaction at all from acm.org
(the reception of the email was confirmed by the hacker calling mr white
and asking if he got the mail...he said it was forwarded to IS
director...), they did not even ask where/what exactly the problem is.
The hacker has extracted several thousend datasets from the website as a
proof of concept.
so if you are a ACM member your data might be available to everyone -
let mr white know what you think of this: white@xxxxxxx
follow the development on www.the-hacker-news.com or
screenshots & details will follow once acm has closed the hole (if they
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/