recommended reading


Security error bares millions of Mexicans’ private emails

Insider attack; User accounts compromised; Software vulnerability

Prodigy subscribers in the country had the content of their messages exposed because of a security flaw in the company’s mobile email and webmail systems.

According to a news report by El Economista, the bug permit search engines to index confidential conversations and list them in Google and other Web search results. 

Prodigy is the main Internet Service Provider in Mexico and holds an estimated market share of 92%.

“Once a user logs into their account, anyone can access that users account via the URL, with no additional authentication required,” said security specialist Ken Westin, who discovered the flaw. “Having access to the URL granted anyone full access to that person’s email account, all emails sent and delivered to that person as well as the ability to send email on that person’s behalf.”

Google was immediately notified to flush the indexed pages from its cache.


Telecommunications; Web Services


August 7, 2013

reported by

Hot for Security

number affected

Several thousand email accounts

location of breach




location of perpetrators


date breach occurred

August 2013

date breach detected

August 2013