Interesting People mailing list archives
Payroll website still not secured
From: David Farber <dave () farber net>
Date: Tue, 15 Mar 2005 06:08:23 -0500
------ Forwarded Message From: Monty Solomon <monty () roscom com> Date: Mon, 14 Mar 2005 00:44:27 -0500 To: <undisclosed-recipient:;> Subject: Payroll website still not secured Payroll website still not secured By Hiawatha Bray, Globe Staff | March 1, 2005 Boston software entrepreneur Aaron Greenspan, who revealed serious security flaws in the website of Tennessee payroll company PayMaxx Inc. last week, said yesterday that the site remains insecure. Greenspan said that a computer hacker still could use the site to obtain the Social Security numbers of hundreds of Americans. Greenspan called the management of PayMaxx ''incompetent," and urged Congress to investigate the company. ''They have no idea what they're doing," he said. Greenspan's company, Think Computer Corp., had its payrolls prepared by PayMaxx, of Franklin, Tenn., until late last year. After ending their relationship, Greenspan found that his name, address, Social Security number, and other personal data were still available on the PayMaxx website, which could be accessed by entering zeroes in the site's login windows. Greenspan also found that he could obtain the same information about other PayMaxx customers by typing random numbers into the browser's address window. He estimated that up to 100,000 files could be accessed this way. ... http://www.boston.com/business/globe/articles/2005/03/01/payroll_website_sti ll_not_secured/ ------ End of Forwarded Message ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Payroll website still not secured David Farber (Mar 15)