Oops hacked website

I'm very surprised they were aware of the problem but chose to just leave it and hope!
Also asking for a reward would be the number one way not to get one as far as I'm concerned.

I would be stunned if that was really the case. Google doesn't index that quickly usually, so unless they are taking a few days to move the system over then that's a bull excuse. Also, what large company has a server migration plan that exposes the backend in the process?

The IT team didn't know about it and probably don't want to admit that they made a mistake so they have taken it down to fix. Chances are that they will not have told management the truth as they would / should get a royal *******ing.
 
Yeah, clearly they didn't know and were just lying, frankly it makes them look much more stupid if they knew about and let it happen than if it was an accident.

Email CEO, you clearly have the details from all that data you backed up before you contacted them! ;)
 
Kazaa?
I can't remember the name but one of the early file sharing programmes would let you do that very easily by mistake if you were not careful (IIRC it let you tick which directories to share, including the root directories).

I remember WinMX used to share your whole download directory automatically. And you could browse everything most people had downloaded, simple as right click>browse user. Found some weird and interesting stuff randomly browsing. I was about 12 back then :p
 
Well I had a reply....

Basically it said 'thanks, we knew about the problem as we were moving servers'

I replied, 'oh, I guess no reward then ;-)'

It's strange as soon as I had the reply the webserver was taken down... grrrrr

Hope you took a copy of all their data, send it to their head office :D

MW
 
How come the OP never told us who it was anyway?
Is it some website selling sex toys, fleshlights or something you are too embarrassed to admit to buying? ;)
 
How does moving servers allow this to happen :confused:

I hope it isn't a company I've used :(

You would have thought these breaches in security would have been highlighted during their change control prior to the servers move.

Do they advertise ISO 27000 compliance? It could lose them their certification.

MW
 
I was searching for a new Turkish kebab restaurant in Google and found their license application on the council website in the /documents/ folder. I sent an email to the council saying that I can view the documents as the documents/ folder was no indexable and I could view all the personal information and the guy's signature. So not sure if that was meant to be viewable from Google search or not.

Here is the link, do you think this is a public document? Taken link out.

It may very well be a public document.
 
I was searching for a new Turkish kebab restaurant in Google and found their license application on the council website in the /documents/ folder. I sent an email to the council saying that I can view the documents as the documents/ folder was no indexable and I could view all the personal information and the guy's signature. So not sure if that was meant to be viewable from Google search or not.

Here is the link, do you think this is a public document? http://www.havering.gov.uk/Documents/12916KervansarayRestaurant.pdf

It may very well be a public document.

Even if it is a public document the signature should be redacted.
 
Yea, probably best to remove the link then, wasn't sure if it was a public doc or not, sometimes they have to pin those types of documents up on the wall. Plus if you search Google for that directory to display everything in it, it's mostly public documents like pamphlets.
 
How come the OP never told us who it was anyway?
Is it some website selling sex toys, fleshlights or something you are too embarrassed to admit to buying? ;)

If they haven't fixed it, he'd be effectively making everyone aware of the exploit?
 