Overclock.net › Forums › Industry News › Technology and Science News › [SMH] First State set police on man who showed them how 770,000 accounts [...]
New Posts  All Forums:Forum Nav:

[SMH] First State set police on man who showed them how 770,000 accounts [...] - Page 3

post #21 of 24
Quote:
First State Super has told Financial Standard it will not be pursuing legal proceedings against the 'goodwill hacker' who exposed a security flaw in its system, with the two parties to instead resolve any issues together.

...

Webster was requested to destroy and delete all data and records that he gained unauthorised access to and was told he would no longer have any access to the members section of the Fund's website.

Dwyer said the Fund still wants to ensure that all records have been deleted and that both FSS and Webster are comfortable with the outcome and that the meeting is to discuss his findings.
Per usual, an update! The Internet gets pissed, and problems get solved
Source - Financial Standard

...may want to update that OP, OP :>
Edited by blade19 - 10/18/11 at 8:43pm
citrinitas
(14 items)
 
  
CPUMotherboardGraphicsRAM
QX9650 DFI LanParty DK P35-T2RS eVGA GTX260 SSC 4 x 1GB DDR2 Ballistix 1066MHz Dual Channel -D9MGH 
Hard DriveHard DriveOptical DriveOS
3 x 7200.11 500GB RAID 5 32GB Corsair V32 SSD (OS) none, and proud of it. ODD = obsolete tech! Win 7 
MonitorPowerCaseMouse
Acer X241W 24" WS TT Toughpower 700W Rocketfish + mods Logitech G9 
  hide details  
Reply
citrinitas
(14 items)
 
  
CPUMotherboardGraphicsRAM
QX9650 DFI LanParty DK P35-T2RS eVGA GTX260 SSC 4 x 1GB DDR2 Ballistix 1066MHz Dual Channel -D9MGH 
Hard DriveHard DriveOptical DriveOS
3 x 7200.11 500GB RAID 5 32GB Corsair V32 SSD (OS) none, and proud of it. ODD = obsolete tech! Win 7 
MonitorPowerCaseMouse
Acer X241W 24" WS TT Toughpower 700W Rocketfish + mods Logitech G9 
  hide details  
Reply
post #22 of 24
Quote:
said he may be liable for any costs in fixing the breach.
Better damn not be the case. He just discovered it - he didn't create it.
Akiyama Mio
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6420 @ stock, 0.98v Asus P5N-E SLI Gainward GTX 460 1GB @ 800/1600/1900 2x2GB Kingston @ 800MHz 5-5-5-15 2T 
Hard DriveOptical DriveOSMonitor
WD 250GB, 320GB SATA/3, 16MB Cache, Seagate 1TB LG GSA-H62N 18x SATA Ubuntu 9.10 x86 & Win7 x86 Asus VW222U 
KeyboardPowerCase
Logitech Classic Corsair 650HX NZXT Apollo Black 
  hide details  
Reply
Akiyama Mio
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6420 @ stock, 0.98v Asus P5N-E SLI Gainward GTX 460 1GB @ 800/1600/1900 2x2GB Kingston @ 800MHz 5-5-5-15 2T 
Hard DriveOptical DriveOSMonitor
WD 250GB, 320GB SATA/3, 16MB Cache, Seagate 1TB LG GSA-H62N 18x SATA Ubuntu 9.10 x86 & Win7 x86 Asus VW222U 
KeyboardPowerCase
Logitech Classic Corsair 650HX NZXT Apollo Black 
  hide details  
Reply
post #23 of 24
Thread Starter 
Quote:
Originally Posted by blade19 View Post
Per usual, an update! The Internet gets pissed, and problems get solved
Source - Financial Standard

...may want to update that OP, OP :>
It has been done =]
Quote:
Originally Posted by Coma View Post
Better damn not be the case. He just discovered it - he didn't create it.
Quote:
The firm said they may go after him for costs related to the matter.
It's nice to know that they aren't, but what a way to reward someone who saves you a potential disaster of EPIC proportions.

Thanks for finding out about that security hole. Now, the costs to secure it were...
post #24 of 24
Quote:
Webster said the issue began when he logged in to his online account with First State Super late last month to check his statement. He noticed that the URL contained the unique ID number for each account and by tweaking the number in the URL, he was able to easily access other people's statements.
Wow, for real? That's either really lazy design, or they're really stupid--didn't we learn not to do this a long time ago?

Quote:
First State Super has disabled his account, asked to check his computers and said he may be liable for any costs in fixing the breach.
Really? LOL, wow... I know that they've since come to an agreement that he'll actually come on and help them resolve it, but initially saying that when...honestly there is no breach. I can't fathom how typing in a url can be considered a breach.
    
CPUMotherboardGraphicsRAM
i5-2500K Biostar TP67B+ XFX HD5750 1GB 2x4GB DDR3 Corsair 1600 
Hard DriveOSMonitorPower
60GB OCZ SSD, 2x160GB HDD RAID0, 500GB+500GB+1.5TB Windows 7 Ultimate 64-bit Samsung SyncMaster 930B Antec SmartPower 450w 
Case
Antec 900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-2500K Biostar TP67B+ XFX HD5750 1GB 2x4GB DDR3 Corsair 1600 
Hard DriveOSMonitorPower
60GB OCZ SSD, 2x160GB HDD RAID0, 500GB+500GB+1.5TB Windows 7 Ultimate 64-bit Samsung SyncMaster 930B Antec SmartPower 450w 
Case
Antec 900 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [SMH] First State set police on man who showed them how 770,000 accounts [...]