List:General Discussion« Previous MessageNext Message »
From:Daniel Brown Date:August 5 2009 3:04am
View as plain text  
    Just as a heads-up, in case you guys weren't yet aware (cross-posting): was the victim of an SQL injection attack earlier this
summer (they apparently missed our billions of threads on sanity).
According to their folks, only names, company names, phone numbers,
and email addresses were taken.  Whether or not that's true, I don't
know, but that's beyond the scope of this warning.

    The most recent attempt to get more of your personal information
comes from a (*possibly* legitimate) website named  If you have been a member of Elance, you may
have already received the message from OSR that claims that you signed
up with them, and gives you a username and password.  Now, I'm not
here to tell you guys and gals what to do, but taking the facts into
account - the stealing of private information by breeching the
security of a competitor - it's entirely up to you as to whether or
not you'll consider OSR a trustworthy business.  Chances are, they'll
not only charge you for using the service, but will also be so kind as
to reuse (or redistribute) your private and financial information,
should you be willing to give it to them.

    We've already received numerous hits on our network for and one or two other shoddy attempts to gain more
information.  Today the emails seem to have picked up significantly,
and appear to be not only valid, but professionally-crafted.
Thankfully, we were anticipating such, after being alerted to the
attack by Elance themselves.  Perhaps a bit embarrassing for them, but
it was a good move to mitigate the damage post-fact, in my opinion.

    That's it.  Just trying to keep everyone from getting scammed and
screwed.  For more information, check Google, as always.  ;-P

</Daniel P. Brown>
daniel.brown@stripped || danbrown@stripped ||
Check out our great hosting and dedicated server deals at
Warning: OutsourcingRoom.comDaniel Brown5 Aug