Stop emailing my passwords in plain text.
Hello,
I’m reporting a security issue that your developers and/or IT technicians need to address immediately.
I received an email today that contained my password to your site in plain text. I’m sure that your staff has taken the strictest measures to ensure the security of customer data, including encryption of passwords, so seeing my password in an email was quite a shock.
I can only postulate that someone has been sniffing traffic to and from your site and has stolen all of your users’ passwords. How they’re getting through the https/SSL security on your login page is beyond me. This must be a group of professionals, potentially connected to one or more organized crime rings.
As a fellow colleague in web development and data security, my recommendation is that you find where these malcontents have placed their packet sniffers, dispose of the offending software, and contact all of your users to alert them concerning their compromised passwords. If you can actually track down the system infiltrators, legal action would not be out of the question. I can provide a contact at the FBI if you need assistance.
Thank you for your attention to this matter. I wish you luck with the impending PR issues you’ll be addressing in the wake of this massive security breach.
Regards,
Sean
-
redcloud liked this
-
3hoss liked this
-
eoporto liked this
-
steelopus liked this
-
everythinginthesky liked this
-
sloganeerist liked this
-
zuhl liked this
-
lafix liked this
-
dwineman liked this
-
smartasshat liked this
-
hellamike liked this
-
sniffyjenkins liked this
-
shanecyr liked this
-
rafitorres liked this
-
texburgher liked this
-
froggeek liked this
-
monkeyfrog liked this
-
morrowplanet liked this
-
notactuallyme liked this
-
awryone liked this
-
guillee liked this
-
thememegeneration posted this
