Full Disclosure mailing list archives
Who should i contact?
From: <screwedbytaxes () hushmail com>
Date: Wed, 05 Jul 2006 01:09:06 -0700
Hello all, The recent thread on the exposed data containing hospital records made me think to ask something here. I have recently received spam to several email addresses created explicitly and solely for filing my US federal taxes online through an internet tax filing system. The emails I received are tied to four separate filings by four separate people on a COMPLETELY unrelated subject through an IP address managed by a completely different person than the entity that these addresses were given to. I've already asked the tax filing company for more information about any breaches they may have suffered and what other information may have been exposed. They asked for the source emails, which I provided, and I have not heard back. This was over a week ago. What should I do? What would you do? I'm not up on current legislation (I'm a part-time security guy), but would this fall under HIPAA (one of the people filing is disabled, that data was included on the online form), Sarbanes Oxley, GLBA, California Breach Act (I'm in CA)... or anything else? Since it looks like they're not going to even respond to me, I'd like to nail them to the wall. Thanks Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Who should i contact? screwedbytaxes (Jul 05)
- Re: Who should i contact? Cardoso (Jul 05)
- Re: Who should i contact? Joe Stewart (Jul 05)
- Re: Who should i contact? Valdis . Kletnieks (Jul 05)
- Re: Who should i contact? H D Moore (Jul 05)
- <Possible follow-ups>
- Re: Who should i contact? screwedbytaxes (Jul 05)