pesus 2 days ago

Wow, the other comments weren't exaggerating. This is really bad. If my tax returns or other data were part of this, I might consider legal action.

I wonder if somewhere like Wired/Ars Technica/404media might pick this up?

2Gkashmiri 2 days ago | parent | next [-]

https://fiverr-res.cloudinary.com/image/upload/f_pdf,q_auto/...

This is too funny

TkTech 2 days ago | parent [-]

Personally, this is the funniest one to me. It turns out Fiverr uses Cloudinary for their internal documents as well. (Note: this one is not confidential and is public information.)

https://fiverr-res.cloudinary.com/image/upload/f_pdf,q_auto/...

dewey 2 days ago | parent | next [-]

Shows you how much these certifications are worth in reality.

bblb 2 days ago | parent [-]

Absolutely worthless pieces of paper. We had the ISO 270001 and the physical security "walk tour" or whatever it's called; I could've outsourced that to a bunch of preschoolers walking around the offices and data center rooms and would've gotten the same result. The only _actually_ working way to protect your org is to continuously attack your own systems and see what part of it breaks or leaks data.

Zanfa 2 days ago | parent | prev | next [-]

Clearly the real issue is their 27001 expired on 15/12/2025

2Gkashmiri 2 days ago | parent | prev [-]

I saw that too. DDG didn't give me a lot of results beyond a few dozen.

morpheuskafka 2 days ago | parent | prev | next [-]

Company is now telling media this is intended behavior and users knew these files were public / shared the URLs themselves. We need to get some media with wider scope to challenge that.

snayan a day ago | parent | next [-]

Right? On what planet does someone think that if they share a doc in a private 1-on-1 chat on Fiverr, that means the doc is going to be indexed by Google? Shameless.

janoelze 2 days ago | parent | prev [-]

And additionally a failure to handle a responsible disclosure.

ChrisMarshallNY 2 days ago | parent | prev | next [-]

I saw that this was also reported on r/Fiverr[0]. It looks like an almost verbatim copy of this. I don’t see much discussion (so far).

[0] https://www.reddit.com/r/Fiverr/comments/1slzoey/other_atten...

ayewo 2 days ago | parent | prev | next [-]

> I wonder if somewhere like Wired/Ars Technica/404media might pick this up?

Might also want to add El Reg [1] to the list.

1: https://www.theregister.com/

Barbing 2 days ago | parent | prev [-]

Thanks, tip lines were a good idea