2011
02.03

When Batman brought down the gauntlet of justice on the Joker, or a low life street thug, he did to protect the innocent. To protect the ones that justice had forgotten, the ones that are incapable of defending themselves. In the rare occasions innocent by standers were hurt, Bruce Wayne would try and do good by them. Either directly or indirectly…

The type of justice that fell upon LIGATT yesterday is a perfect example of vigilante justice. Unfortunately, innocent people may be hurt by this. With all the personal information, now readily available for download, of people not involved in the situation between the Information Security community and Gregory Evans, this is just a disaster waiting to happen. I say disaster because of this statement, presumably made by the person/persons involved in this attack:

This release immediately follows with a small regret. Apologies much be given to all the bystanders, innocent or otherwise. Contained within his inbox is personal information of many, many people. Social security numbers, bank account routing numbers, credit reports, and other reports by private investigators. It was completely impractical to redact all of this information in any effective manner, and for that: sadness.

It’s clear that the perpetrators are sorry for what they have done. And like any vigilante, they feel remorse and apologize for some of their actions. They even go on and ask people going through the e-mail this:

If in your search through this release you find personal information, please contact the person and notify them.”

Odds are they do feel genuine remorse, and in a way do not want cause any harm to the innocent. Unfortunately not everyone rummaging the 4Gig download will be doing it to help the “Anti-LIGATT” cause. One can only hope, people will contact the unfortunate. If not, I see many cases of identity theft in the coming months.

Besides a few funny e-mails with references to collection agencies looking for Greg or Ligattleaks’ e-mail asking for whistle blowers. No real “smoking-gun” has been found, at least not published. The only thing that will make this attack in any way slightly justifiable is for something important to the “anti-LIGATT” cause to be found and made public. Proofs of fraud, knowingly lying to shareholders are examples of things that need to be found.

In the next few days, if nothing of value is found, I really hope the attackers will take it upon themselves to contact some of the innocent at risk due to their actions. Don’t get me wrong, I do find this “funny”. Any hit to LIGATT is worth a belly laugh, but let’s not forget the potential harm this may bring…

Thanks for reading, if you have any comments please feel free to send them my way.
Pretty sure my email can be found in cache somewhere…

Some references:

http://seclists.org/fulldisclosure/2011/Feb/16
http://pastebin.com/tEJtqGDN
http://ligattleaks.wordpress.com

Comments are closed.