serious breach of trust and security

  • Resolved frenchomatic

    (@frenchomatic)


    6 years, 9 months ago

    Please stop harvesting the usernames of people using your plugin on wordpress installations. This is a serious breach of trust and represents poor security.

    I have just received some marketing email from you (which I never signed up to and I don’t even use your plugin anymore) with the username of a wordpress install published in the email header. The username is not available to anyone who is not an administrator (AND YOU ARE NOT AN ADMINISTRATOR).

    Apart from that you should be asking for an ‘opt into’ receiving emails and not the other way around.

    This what you call bad press but you really need to stop it. I have sent you a separate email that you should read.

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi David,

    I just replied to your email, but I’ll share the reply here as well.

    I just spent some time looking into where you signed up for our email newsletter. You signed up by opting in through NextGEN Gallery on 12/14/2017 on the website https://www.dcdsfoundation.org. You’re welcome to unsubscribe whenever you want.

    Thread Starter frenchomatic

    (@frenchomatic)

    Guys, this is not my real complaint. My issue is that you are sending emails out with admin usernames on them. Sorry if I came across grumpy but can you see the issue? You shouldn’t be storing the usernames of people’s wordpress installs and then emailing them – this is not a username for your specific plugin or service.

    Yes I did use your plugin at one time and it is a good plugin but not what I specifically needed in the end.

    Also please edit my name out – it is why I have a wordpress pseudonym (doesn’t matter too much).

    • This reply was modified 6 years, 9 months ago by frenchomatic.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘serious breach of trust and security’ is closed to new replies.