June 4, 2021

A website is exposing social security numbers on the client-side. I have contacted the company a couple of weeks ago and got no response, and it is still not fixed. How do I proceed?

This is a major security flaw and attempts to contact them have gone unanswered, and the issue is still there. Along with the exposed SSN, there is a lot of private information in the profiles such as name, address, email, phone number, etc. I’m not sure how to proceed if I am not getting replies.



Maybe go to the media? Is it a well-known company? They might publish a story on it without revealing the bug and hopefully it pushes the website to act. As well, out of curiosity, how did you bump into this?

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.