[Ansteorra] URGENT WARNING - Possible hacking or abuse of acceps contact emails
mikea
mikea at mikea.ath.cx
Wed Aug 3 06:26:34 PDT 2011
On Tue, Aug 02, 2011 at 06:28:01PM -0500, Haraldr Bassi wrote:
> It is indeed possible that the address was harvested outside of the acceps
> system, but the only place that address, which has acceps as part of the
> email address, was ever used was in acceps and it would only have been
> emailed inside of a spreadsheet to event stewards or exchequers. Not as
> likely to have been harvested from a spreadsheet as from a Database
> compromise or some other place. Don't know that I've ever emailed anyone
> from that address, but it is possible that it ended up in someone's email
> address book to be harvested.
The most probable scenario that I see, Haraldr, is that somehow you wound
up with something running on your system which dumped your addressbook or
your sent mail to an external machine not controlled by you.
These Things Happen; and we can't always find out how. On one of the
lists I subscribe to, various folks with immense security expertise
(heads of mail and security for Fortune 100 corporations) have voiced
identical concerns about some of their own 1-purpose-only addresses.
Yes, I work with this sort of thing for a living.
--
Mike Andrews / Michael Fenwick Barony of Namron, Ansteorra
mikea at mikea.ath.cx / Amateur Extra radio operator W5EGO
Tired old music Laurel; Chirurgeon; SCAdian since AS XI
Listowner, SCA-Laurels
More information about the Ansteorra
mailing list