Hacker News
by nly 4496 days ago
My guess is any passport scans would just be any recent web uploads made by users trying to verify their accounts and thus copied off the web server filesystem, not their customer database. Once verified, these documents would be moved somewhere else, one would hope.

In any case, regardless of what was found or how, it's completely inexcusable that such sensitive data isn't encrypted asymmetrically the moment they receive it.
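
One way to encrypt uploads asymmetrically at receipt, as an added example that is not part of the original comment or of any system it discusses. It assumes a hybrid scheme (RSA-OAEP wrapping a per-file AES-256-GCM key) and a separate verification host that alone holds the private key; `sealUpload`, `openUpload` and the upload IDs are hypothetical names.

```javascript
// Added example: hybrid (envelope) encryption of an upload at receipt time.
const crypto = require('node:crypto');

// Constructed key pair for the demo. In the assumed deployment the private key
// is generated and kept on a separate verification host; the web server only
// ever holds publicKey, so files copied off its disk stay unreadable.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 3072,
});

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Runs on the web server: encrypts the upload before it touches disk.
function sealUpload(pubKey, plaintext, uploadId) {
  const dataKey = crypto.randomBytes(32);   // fresh AES-256 key per file
  const iv = crypto.randomBytes(12);        // 96-bit GCM nonce
  const cipher = crypto.createCipheriv('aes-256-gcm', dataKey, iv);
  cipher.setAAD(Buffer.from(uploadId));     // bind ciphertext to its upload record
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const sealed = {
    uploadId,
    wrappedKey: crypto.publicEncrypt({ key: pubKey, ...OAEP }, dataKey),
    iv,
    tag: cipher.getAuthTag(),
    ciphertext,
  };
  dataKey.fill(0);                          // best-effort wipe of the data key
  return sealed;
}

// Runs only on the verification host, which holds the private key.
function openUpload(privKey, sealed) {
  const dataKey = crypto.privateDecrypt({ key: privKey, ...OAEP }, sealed.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', dataKey, sealed.iv);
  decipher.setAAD(Buffer.from(sealed.uploadId));
  decipher.setAuthTag(sealed.tag);
  // final() throws if the ciphertext, tag, or uploadId was altered.
  return Buffer.concat([decipher.update(sealed.ciphertext), decipher.final()]);
}

// Constructed sample input standing in for a scanned document.
const scan = Buffer.from('constructed sample: passport-scan bytes');
const sealedScan = sealUpload(publicKey, scan, 'upload-0001');
console.log(openUpload(privateKey, sealedScan).equals(scan));
```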