
Security Researcher exposes abysmal cybersecurity of SlickWraps - scheja
https://medium.com/@lynx0x00/i-hacked-slickwraps-this-is-how-8b0806358fbb
======
Hates_
I _just_ received the following email:

    
    
      if you're reading this it's too late. we have your data.
    
      here's where you live:
      *****
    
      how do we have this data? we read this:
      https://link.medium.com/esfwWoQ4f4
    
      so what are we doing with your data? not much (that's good!)
      
      we're just using 377428 emails from their customer database   to send this mass email (that's bad!)
      
      because right now, ANYBODY can do what we just did, and they might do something really shitty with the same data we took
    
      we don't want that. the guy who wrote the medium artcle didn't either. he warned slickwraps and they didn't do shit

------
metalliqaz
Seems a little self righteous, but otherwise an interesting read. Not
surprised at all about Slickwraps, their business is all about lowest-cost
everything.

------
black_puppydog
So... Just pointing out... Under the GDPR, this would be a prime candidate for
those fines of up to four percent of global turnover. But honestly, ignoring
the big banner at the top of a code example "Don't use this, shit might go
wrong!" and then the warning from an outsider "Stop using this, shit _did_ go
wrong!" sounds like negligence to me anyhow...

Side note: I find the way medium are handling this horrible.

1\. There's no indication what they're investigating there. Just that it's
being investigated.

2\. There's no indication as to the status of their decision process. From
what's written on the page, they might still be working on it, or it might be
ancient history to them.

Would like to see the link changed to the archived version.

------
IsaacAzuelos
Medium has pulled the post.

~~~
zyberzero
A mirror is here: [http://archive.is/yEIJT](http://archive.is/yEIJT)

