Spamworld
Nice easy rename, change one character by 0x01 and move it left in the name
UK baby care supplier Pramworld has admitted that a breach of its systems was the reason customers were sent spam emails on Friday. In a statement supplied to El Reg (below), Pramworld admitted its mailing list had been compromised while downplaying the problem and offering reassurance that payment information had not been …
I'm not sure I'm prepapred to take their assurances that payment information etc has not been compromised at face value. Auditing select queries are we now?
I'd like to see a statement that payment info, if retained at all, was encrypted by AES or equivalent, and some assurance that there key management was competent.
What actually happened? Sounds like an XSS attack from the article text.