What responsibilities does a courier have with personal information?

Moots on 18/05/2013 - 20:47

I would like to know if someone here has any law information on what courier's have to do when it comes to authorization of customer information.

I have found a huge security hole in Hunter Express's courier system. This gives you random peoples full address information including names, numbers and could possibly be harvested.

Example: http://online.hunterexpress.com.au/tmp/XX.pdf

change the last digits on the end of the number, you get a new label will full information. I have notified hunter express (E-go) and awaiting a response.

General Discussion

Comments

  • snappy1234 on 18/05/2013 - 20:51

    Maybe just edit that link out till you hear back from them ;)

  • KBZ on 18/05/2013 - 21:15

    What's the difference with that and just looking people up on the white pages? Albeit you don't get the full first name but …yeah.

    But it's good to let them know.

  • Marrk on 18/05/2013 - 21:49

    Already fixed?

    HTTP Status 404 - /tmp/XX.pdf

    • Moots on 19/05/2013 - 14:12

      Well, all the numbers haven't been used up. I.e, 999999 obviously so it goes in sequence. I have working digits but for their personal information I won't publish them.

  • c64 on 19/05/2013 - 13:47

    i'm sure the delimiter would be interested in it http://delimiter.com.au/anonymous-tips/

Login or Join to leave a comment
Login Join