Quote:
Originally Posted by Sean1125
There is no breach.
Simpleauctionsite does not encrypt passwords, I know owners of several who have been able to view passwords and provide them if I forgot.
In my opinion Bill sent this out in a shameless effort to bring awareness to his auction, not understanding the severity of sending out passwords unencrypted to an email.
Based on his this happened, Bob ported over Goodwin's old info to a new website or Bill kept one for his records.
I am sure Beckett would love to hear about this.
|
I’ve spoken to two other auction houses who use SimpleAuctionSite.com. They both told me they do not have access to passwords. If you forget a password and ask them to help, all they can do is give you a “Reset Password” link.
Now, it’s possible that this is one of those options that Bob can turn on or off for each auction house. (Like he has admitted he can do with the visibility of max bids.) If so, the first breach is theirs, by giving/selling that info to Goodwin. The second breach is Bill’s by publishing it in unencrypted fashion in an email.