Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Fwd: reporting a web site breach

From: "Geoff Brunkhorst" <gbb () brunkhorst org>
Date: Thu, 16 Oct 2008 16:07:03 -0500
On Thu, Oct 16, 2008 at 2:58 PM, Prodigi Child <prodigi.child () gmail com> wrote:


If the company refuses to do anything about it, and it is based in the US,
try the FTC. If it is a bank, try the FDIC. Try to find an organization to
which they must answer.


Actually for U.S. banks, credit unions, etc, use the Office of Thrift
Supervision (OTS).

http://www.ots.treas.gov/?p=ConsumerComplaintsInquiries
consumer.complaint () ots treas gov

OTS is the official federal examiner of all consumer bank
institutions.  They set the rules (and fines)  for what passes for
appropriate computer and information security.

For anyone else, you may want to go to the Federal Trade Commission.
They actually are responsible for coordinating efforts to limiting
Identity Theft, which this would fall under.

try https://www.ftccomplaintassistant.gov/

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: