This is a good point. You have already had hundreds of people read what you have written here. By posting about it you have increased the urgency for you to do something about it before someone else does. I would highly recommend that you refrain from any illegal activity. Once this is investigated it will be known that you had access and to be able to prove that you never used that access will protect you from potential false allocations. If officers of the company will not listen to you then you will need a government agency that oversees these things to intervene. Do they have a credit card processor that you could consult first? Is there anyone in the IT department that would be willing to speak with you? Your posting here shows that you want to do the right thing. If no one inside the company will respond to you then you have a responsibility to be sure this breach in security is resolved before the wrong people find out about it.
Slashdot Mirror
This is a good point. You have already had hundreds of people read what you have written here. By posting about it you have increased the urgency for you to do something about it before someone else does. I would highly recommend that you refrain from any illegal activity. Once this is investigated it will be known that you had access and to be able to prove that you never used that access will protect you from potential false allocations. If officers of the company will not listen to you then you will need a government agency that oversees these things to intervene. Do they have a credit card processor that you could consult first? Is there anyone in the IT department that would be willing to speak with you? Your posting here shows that you want to do the right thing. If no one inside the company will respond to you then you have a responsibility to be sure this breach in security is resolved before the wrong people find out about it.