Nike world headquarters is just a few miles from SecureWorld's headquarters, and next time I drive by I'll be wondering about something.
Did Nike ignore a warning from an 18-year-old white hat? ZDNet is reporting on the story today:
"A previously undisclosed flaw in Nike's website allowed anyone with a few lines of code to read server data like passwords, which could have provided greater access to the company's private systems.
An 18-year-old researcher Corben Leo discovered the flaw late last year and contacted Nike through the company's dedicated email address for reporting security flaws, which it advertises on its bug bounty page.
After hearing nothing back for more than three months, Leo contacted ZDNet, which also alerted the company to the vulnerability."