Forums hacked – for the 3rd time!

[medhead]

Forums hacked – for the 3rd time!

An Australian organisation is bound by Australian laws — no matter who outsourced to.

Yes and Australian laws also recognise that a company that takes all reasonable steps to follow the law but is subject to nefarious actions by third parties is not to blame.

 

[spunkarooney]

I tell you what, next time there's a breach, I won't bother with discussing it in here.

Instead, I'll lodge a complaint with the ACMA detailing the breach (along with the history of breaches), I'll also lodge a complaint with the Federal Privacy Commissioner and I'll put together a nice backgrounder for any interested media outlet.

I'm sure all of that will be more beneficial than the dismissive responses received in here.

 

[Sprucegoose]

An Australian organisation is bound by Australian laws — no matter who outsourced to.

Happy to learn what they are in this particular instance?

 

[Sprucegoose]

I tell you what, next time there's a breach, I won't bother with discussing it in here.

Instead, I'll lodge a complaint with the ACMA detailing the breach (along with the history of breaches), I'll also lodge a complaint with the Federal Privacy Commissioner and I'll put together a nice backgrounder for any interested media outlet.

I'm sure all of that will be more beneficial than the dismissive responses received in here.

Sounds newsworthy.

 

[medhead]

I tell you what, next time there's a breach, I won't bother with discussing it in here.

Instead, I'll lodge a complaint with the ACMA detailing the breach (along with the history of breaches), I'll also lodge a complaint with the Federal Privacy Commissioner and I'll put together a nice backgrounder for any interested media outlet.

I'm sure all of that will be more beneficial than the dismissive responses received in here.

Despite the views of others you're not being ignored here. I am thankful for the warning.

But the thing is I get 3 or 4 spam emails a week. It isn't a big deal. There are many ways of protecting privacy and you seem to be switched on, in that regard.

The question still stands, exactly what do you thing ACMA etc. are going to do with your report? For a start as I udnerstand it the spam was sent by someone else, there is your first breech of the anti-spam laws (possibly). As for the privacy laws. They require an organisation to protect your private information. So AFF or the gazette needs to have a system in place to protect your information. What has happened here is that a third party has deliberately circumvented those security to steal your information - possibly breaking anti-hacking laws (if such things exist). Exactly how do you think that ACMA or anyone else is going to hold AFF responsilbe for that?

A possilbe analogy is that your saying the police will come and arrest you if someone breaks into your house and steals your TV. Clearly that isn't going to happen. I'm still highly confused by what you think will happen when you report this to ACMA. Given the situation of someone hacking the information and stealling it then I think they will do nothing. Or are your suggesting that AFF gazette is negligent in protecting your information?

 

[markis10]

I tell you what, next time there's a breach, I won't bother with discussing it in here.

Instead, I'll lodge a complaint with the ACMA detailing the breach (along with the history of breaches), I'll also lodge a complaint with the Federal Privacy Commissioner and I'll put together a nice backgrounder for any interested media outlet.
.

Please do, I suspect it will be just as effective and will save you some angst in the process, although I would suggest you have a closer look at what private organisations are covered by the privacy law in Australia , you will find that AFF is exempt if you do your homework as are most small businesses.

In answer to your previous post saying I seem to be relaxed, you bet, a CISSP has more to worry about then what is being reported here.

 

[11sjw]

I tell you what, next time there's a breach, I won't bother with discussing it in here.

Instead, I'll lodge a complaint with the ACMA detailing the breach (along with the history of breaches), I'll also lodge a complaint with the Federal Privacy Commissioner and I'll put together a nice backgrounder for any interested media outlet.

I'm sure all of that will be more beneficial than the dismissive responses received in here.

How about you send a PM/email to the forum mods/people in charge instead of this effort? As said previously I'm pretty sure that these guys can demonstrate they have taken all the necessary steps that a 'reasonable' person in their position would take. How can these guys be held accountable for the malicious acts of an external party (assuming they can demonstrate attempts to improve security etc)? That's like holding Ford responsible because a drunk driver rammed your Falcon and it's now damaged.

I signed up with the yahoo email address that gets bombarded with cough everyday, but that's why I have it.

Knock yourself out with the seemingly spurious complaint. You might get Today Tonight interested and we all know they are to be taken seriously.

 

[straitman]

spunkarooney,

IMHO what you need to do is start again with two new email addresses, one for AFF and one for the newsletter.

Then see what happens. IF you get spam in both or the one specifically for AFF then there really is an issue and I'll be really surprised. If it is only on the newsletter address then it is as admin has said and the site data is secure.

Yep, that's what I already have — two seperate email addresses. I funnel thouse into one AFF folder on my machine.

Have you had the email that is AFF only (not newsletter) spammed :?: Maybe you have answered that but if so then i have missed it.

Well you guys really are defending the indefensible — you're just as responsible for the email addresses associated with the list as well as the forums. Your customers don't care that you have outsourced it.

Some people maybe but the majority, such as serfty and myself, are simply trying to get all the facts before drawing conclusions.

In the end, I've brought this to your attention but I could have just as easily lodged a complaint with the ACMA, the Federal Privacy Commissioner, or referred it to media contacts.

IMHO you have done the right thing by giving admin a chance to respond and sort out appropriately. As mentioned earlier, there was nothing until this point that showed the actual forum integrity has been hacked. Has it?

I don't appreciate the dismissive nature of some responses. Data security is very important.

Agreed. A few people should know better just as one or two others continue to stir the pot from the other side.

I like participating in here when I can, but wow, I'm going to be very careful with what I say because who knows when security might next be breached and what might be revealed and how you (site management) will trivialise the event.

IMHO that's a good move for any internet site.
That is why I will not use facebook or twitter. Has site management trivialised the event. My personal opinion is no.

 

[NM]

This thread has moved from a members posting their concerns about privacy of personal information to some very personal attacks. Personal attacks are not tolerated on AFF and will be (and have been in this thread) removed. As the topic has been discussed and the facts revealed, I am closing this thread now. This is not intended to trivialise the legitimate concerns of members.

If anyone has further concerns regarding the hacking of AWEBER resulting in the Frequent Flyer Gazette mailing list falling into spammers hands, please send a PM to Admin.