Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Notable Sites:

yahoo.com indiegogo.com metacafe.com mybet.com nascar.com okcupid.com pch.com paypal-community.com browserstack.com creditkarma.com nasa.gov twitpic.com

The others are mostly porn sites, link shorteners, non-english or others people normally wouldn't have an account/put private data on. These are the sites I feel have the most significance on the list, sorry if I missed any.



Airbnb.com apache.org dreamhost.com ifttt.com wer ones I noticed.

There are a couple of big european retailers in the list (darty, castorama).


Ha, what sort of idiot would have private data on a non-English site? Oh wait, that would be the majority of the population of the planet.


Avast is pretty bad given that they make virus protection


As of earlier this morning Amazon.com was also vulnerable. OkCupid is also on this list.


netflix.com is another big one


Netflix has been fixed.


slack.com

edit: I contacted the developers and they were super fast to patch everything, roll keys, etc. It's contained now.


jd.com is huge in China.


flipboard.com


We fixed it earlier today. Interesting wrinkle was that our SSL cert provider's web site was also vulnerable. We had to wait for them to update before reissuing the SSL certs.


Notable edu sites:

(www)gatech.edu (www)ucla.edu (www)uiuc.edu

I mean really? These are top engineering schools too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: