People tend to forget that you don't admit to any wrongdoing if the threat of a lawsuit hangs above your head. This changes when it becomes likely that you will get convicted, but before that, you better only admit to things that are already proven.Them shrugging it off will be the "official statement", so to speak.
There MIGHT be one, but I will need your password and id to check it out.Anyone know if there's way to find out if my info was accessed?
There MIGHT be one, but I will need your password and id to check it out.Anyone know if there's way to find out if my info was accessed?
They don't have to say anything because no actually sensitive info has been leaked.
It only shows you a few digits anyway. There's no way to use it
Yeah, because having last 4 digits of your credit card means you can use it.
No full credit card info so they cant do jack shit
It only shows you a few digits anyway. There's no way to use it
Yeah, because having last 4 digits of your credit card means you can use it.
No full credit card info so they cant do jack shit
Incorrect. Last 4 cc + billing address + email address makes for a pretty strong social engineering play. Here's an example of just email address and last 4. Whilst this obviously isn't 'the full Ashley Madison', it's still quite a serious breach of user data.
It only shows you a few digits anyway. There's no way to use it
Yeah, because having last 4 digits of your credit card means you can use it.
No full credit card info so they cant do jack shit
Incorrect. Last 4 cc + billing address + email address makes for a pretty strong social engineering play. Here's an example of just email address and last 4. Whilst this obviously isn't 'the full Ashley Madison', it's still quite a serious breach of user data.
Did you even bother reading that post or just pull it out of google results? Do you also happen to use one email address and password for everything by any chance?
Did you? It specifically states that the last 4 digits of a cc were used as alternate verification in a call to GoDaddy, which in turn allowed for an MX record change to route password reset emails to an attacker controlled server.Did you even bother reading that post or just pull it out of google results?
This isn't about whether it affects me personallyDo you also happen to use one email address and password for everything by any chance?
Your info is perfectly safe... in my hands.Anyone know if there's way to find out if my info was accessed?
No, it clearly says the last 6 digits were required, and that the idiot operator let him guess the first 2. So the moral of the story is: don't use shitty service providers, and most definitely don't be a special snowflake with a custom email hosted by such providers for important shit. This would've never happened if the guy was using a gmail account.Did you? It specifically states that the last 4 digits of a cc were used as alternate verification in a call to GoDaddy, which in turn allowed for an MX record change to route password reset emails to an attacker controlled server.
If it was really a caching issue, i guess everyone NOT browsing his account details around the critical time is safe.Anyone know if there's way to find out if my info was accessed?