Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I had one who sent me the booking details of another client in the plaintext part. I reported it to them nearly a year ago and they didn't reply, so screw anonymity, it was Avis.


If you're in EU or California, you should probably email the local data privacy official's offices about that.


text/plain != plaintext

This is about media types, not encryption.


Do you think I was talking about encryption, or is it not more likely I meant text/plain given the context?


I'm sorry, I did not properly read and comprehend your original post. I thought you were saying "they put sensitive details in the text/plain part", implying that those details somehow only belonged in the text/html part. What you actually said was "they put somebody else's sensitive details in the text/plain part".


Then report it to your government authority in charge of GDPR Enforcement. They suddenly will care very much about it




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: