seburn said:
Some ppl don't need to worry cause its only the reseller details they have... ie me.
seburn, from the pictures of the hacking that I see on flickr - they managed to obtain access to both users and resellers data. At least that's what the presentation suggests.
As a reseller - tell us - do you have access to the data of iBurst subscribers that you didn't sign up to the service yourself?
Thami Mtshali says in the itweb article
“The problem stems from the fact that we give our resellers access to the company's data centre to enable them to give our customers instant activation services.
It is not completely clear if resellers while accessing the "company's data centre" have less privileges with regards customer data than a WBS employee . As I said, by the looks of those images on flickr - one gets the impression that all customer data is exposed.
If that is the case, the problems would be two:
1. The transmission channel is not secure (just like the credit card payment page).
2. Resellers - potentially every Jack and Jill who sells the WBS product has access to iBurst subscribers' financial and personal information. With/without a confidentiality agreement.
Sign up with Google