Posted on 08/20/2004 7:54:12 PM PDT by AllTheRage
MoveOn.org subscriber-data leaked through search Published: August 20, 2004, 6:03 PM PDT By Robert Lemos Staff Writer, CNET News.com
Subscribers to MoveOn.org's mailing lists may have found their interest in the anti-Bush political site a matter of public record.
A Web page misconfiguration left dozens of the liberal political group's subscriber pages easily searchable through simple Google queries. Each page included a subscriber's name, e-mail address and the mailing lists to which he or she is subscribed. CNET News.com confirmed that several related searches turned up more than two dozen individual subscriber pages.
"This is extremely disturbing," said one subscriber, when contacted through e-mail. The subscriber asked that his or her name not be used. "I'm not sure if I should be worried or not, but I am," the person said.
The subscriber Web pages linked member's names with interests in various topics, "Distortion of evidence" for one, and, for another, Errol Morris, the director of the documentary "The Fog of War," which won the Oscar for its portrayal of the life of Vietnam era Secretary of Defense Robert McNamara.
MoveOn.org fixed the problem on its site after being contacted by a member. The search results on Google now redirect people to MoveOn.org's front page. The organization is implementing further changes to protect the user information.
The information leak is the latest version of "Google hacking," using the search engine's advanced features to find data leaked by Web sites. Earlier this month, security researchers found a way to use the search engine to find lists of credit card numbers, along with card holder information, that had been posted online by traders of illicit financial information.
The incidents highlight increasing concern that knowledgeable Web surfers can turn up sensitive information by mining the world's best-known search engine. MoveOn.org stressed that no financial information was leaked in the most recent incident, and that the site does not retain credit card numbers.
The discoverer of the MoveOn.org problem, Web developer Shawn Smith, found the information accidentally, he said. Smith, a member of MoveOn.org, had searched Google for information on recent video clips sponsored by the political group. Along with a link to the clips, he found that several of the other search results pointed to Web pages with subscriber information.
"I just wanted to see the (video) spots," Smith said. "Instead, I found these other sites."
Smith alerted MoveOn.org to the problems, and the Web site fixed the issues.
MoveOn.org is best known for its use of Internet video to distribute 30-second spots attacking President Bush's policies. The spots, called Bush in 30 seconds, gained widespread recognition for the site and for the Internet as a medium for grassroots political speech.
Other sites have also profited from the interest of Web surfers, including Senator John Kerry's and President Bush's campaign sites, and a political parody created by JibJab.
These guys are complete idiots! LOL!
Well. Where is the list? The article says it was leaked. I want it! What was the search criteria that dropped it???
What a tease!
Oh, in retort, using advanced search features IS NOT hacking! That is UNsecured server!
/rant off
Lousy snitch.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.