0

I recently found out that the Phone company where I have my contract is storing passwords on their server in clear text and employees can access it given the name or contract number of a person.

There is no discussion about that being insecure...

How can I raise my concern on that matter to the company effectively?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Eumel
  • 101
  • 1
  • 1
    http://plaintextoffenders.com/ - You can't really raise your concern there but it's a good site. –  Jul 27 '18 at 12:28
  • This sounds more legal question than security question. – Paul Jul 27 '18 at 12:29
  • 1
    Get a lawyer and file a lawsuit for malpractice of data handling. P.S I'm not an attorney and I don't know what that would legally fall under, however, data laws are mostly everywhere. Please don't take this as legal advice though. –  Jul 27 '18 at 12:31
  • @Joshua.J how about asking the company first? – schroeder Jul 27 '18 at 13:38
  • @schroeder That could also work, however, I find in these scenarios one person coming forward and having an issue usually does nothing and they either ignore you or make something up. –  Jul 27 '18 at 13:41

0 Answers0