- Incident Number: i20140814.1
- Status: execution
Incident Manager: BenediktHeintel
- Date of incident opened: 2014-08-14
- Date of incident closed: 201Y-MM-DD
- Incident title: Attempted privacy data breach
- 201Y-08-14: Incident i20140814.1 created
2014-08-14: Full names in private part
1. Incident Response Team
- internal Auditor
2. Incident Description
Post (Answer to a web form request) on a public mailing list (firstname.lastname@example.org) of a support member:
Hello [requester name], > Email: [requester email] I did not find a CAcert account related to this email address. If the problem cannot be solved, please write to email@example.com and tell me your main email address of your account.
The support member looked up the requester’s e-Mail address.
3. Containment Actions
No action was done to contain the incident, there is no available data to look up.
4. Root Causes
5. Permanent Corrective Actions
Dispute a20140712.1 was requested:
6. Verify Corrective Actions
Case still pending
7. Preventive Actions
The Auditor already proposed preventive actions the a similar case i20140625.1 to be implemented.
8. Approval & Closure