Quote:
|
Originally Posted by BradShaw
Bringer, you make it sound like we were told of specfic problems and did not fix them. That is flat out incorrect. We were told there were "holes" and we we secured his services, he would tell us where and they would be fixed. In other words, he was on our server without our permission, we never hired him.
|
thats not what im concerned about. im concerned the problem that was exploited (and i use that term very loosely) was something that should of been corrected by a security audit. id assume a company taking peoples private information would hire a private firm to do security audits to ensure privacy. i wouldnt be happy if all my private info i submitted to you in a secure session was available to anyone with a browser. you werent hacked, your server wasnt configured properly.