[solved] If you're a customer of Intl-Outdoor there is the possibility that your data is online

Steve_the_Chief · February 15, 2013, 9:02pm

NEVER EVER specify a public folder as output for the backup routine of a webserver

scaru · February 15, 2013, 9:03pm

Damn, the SQL list is still there but at a different URL. :'( Intl-outdoor has really screwed up, but atleast it doesn't show up when you search last name site:intl-outdoor.com.

Werner · February 15, 2013, 9:07pm

its still available to everyone that is what counts.
Just Google has made their homework IO not.
That’s really embarrassing

jmpaul320 · February 15, 2013, 9:44pm

i have forgotten my password to IO so many times i end up resetting it everytime i make an order… and then forget about changing it lol.

scaru · February 15, 2013, 9:50pm

If you want to know your password you could just look it up in the tables.

CM2010 · February 15, 2013, 9:52pm

Any word from int-outdoors yet?

gords1001 · February 15, 2013, 10:00pm

Aren’t they out for cny? If so, there may not be anyone to deal with this

jmpaul320 · February 15, 2013, 10:02pm

ive seen hank on gmail messenger… you could try that

wikiman · February 15, 2013, 10:54pm

Yeap, I saw it.
Why the subject is “solved”? Data are still available. In addition I can see some amounts of the transactions.

scaru · February 15, 2013, 11:02pm

I'm not seeing any transactions, just: full name, address, phone number, email, and a encrypted version of their password.

wikiman · February 15, 2013, 11:07pm

For example:

INSERT INTO `orders_status_history` VALUES(‘4611’,‘1538’,‘2’,’2012-03-20

16:02:29’,‘0’,’Transaction ID: 5YU21003UL582231C nPayment Type: PayPal

Express Checkout (instant) nTimestamp: 2012-03-20T23:02:28Z nPayment

Status: Completed nAmount: 92.00 USD ’);

gords1001 · February 15, 2013, 11:13pm

Fancy trying graham Entwistles phone number? Just for a giggle.

scaru · February 15, 2013, 11:23pm

Damn, you're right. At least there is no way for them to release the paypal account's password as they never get it. ;) I also found IP addresses.

Hopback · February 15, 2013, 11:28pm

I just had a phone call, someone trying to sell me paisley…….

Pulsar · February 15, 2013, 11:30pm

i like a hint of paisley on my spam in the morning… is that shiz easy to grow???

ri_chevy · February 16, 2013, 12:11am

I can’t come up with anything. Do you have to log in? How does one enter sql into the search?

brad · February 16, 2013, 12:49am

If you find out, let me know, I pm-d someone to ask them but didn’t get through.

scaru · February 16, 2013, 1:04am

Guys, as someone who knows this stuff I'm not going to share a link. Much better if less people find it.

wikiman · February 16, 2013, 1:10am

I agree.

scaru · February 16, 2013, 1:11am

I have sent PMs to a few of the people above but here my official response is.

Sorry, but I’m not going to share a link to the info just because I would prefer for less people to know about it. If you have purchased from IO your: full name, address, phone number, email registered with them, paypal email, paypal transaction ID #, IP address, shipping option, currency paid in, and a encrypted version of your password are all on it.

Sorry,

David