Slashdot Mirror
Social Search Reveals 700 Comcast Customer Logins
nandemoari writes "When educational technology specialist Kevin Andreyo recently read a report on people search engines, he decided to conduct a little 'people search' on himself.
Andreyo did not expect to find much — so, imagine the surprise when he uncovered the user name and password to his Comcast Internet account, put out there for the entire online world to see.
In addition to his personal information, Andreyo also discovered a list that exposed the user names and passwords of (what he believed) to be 8,000 other Comcast customers. Andreyo immediately contacted both Comcast and the FBI, hoping to find the ones responsible for divulging such personal information to the public.
While the list is no longer available online, analysts fear that the document still lives on in various cache and online history services."
buried in the 58 page EULA, there was text about authorizing the site in question to logon to her supplied email account (e.g. - gmail.com) using the same supplied password.
In other words, the people who use the same password for everything would simply check the "I AGREE" box, which would authorize the new site to harvest their email contacts for the sake of spamming them. Since the generated emails would be coming from a known contact, it would become a plausible suggestion for each recipient (i.e. - better than unsolicited spam).
I can imagine that sites like this would have no problem selling and/or posting this information publicly.
If you actually read the terms of spokeo.com, they will only use your email password ONCE for the purpose of getting your contact list, as that is the whoole point of the website. There is nothing at all that would imply sending spam.
Why the hell was this helpful and insightful comment moderated "Troll"? This is CLEAR moderation abuse.
Please, someone at Slashdot: revoke moderation rights on whoever applied the Troll modifier here. This isn't Digg.