We have all been told never to share our account login details, including your account number, login user name, password etc. but one publicly traded company (with-holding the company name for clear reasons) posted its two domain name assets, along with ALL of the account details to access them in a recent SEC filing report.
Registrar, Account #, Login user ID and Password
Think I’m kidding? (I blocked out the vital info)
Thankfully I’m a nice guy and I alerted the domain name registrar seconds after seeing this huge security risk, so the registrar could take appropriate security action to prevent any damage to the companies two domain name assets. I also alerted the company directly, yet they did not reply to my email, even though I know it went to the proper place.
The only thing that could prevent something bad from happening since this info was in the wild, is if the company had two factor authorization turned on. That is something I do not know if they did or did not.
Never hand out this type of information. Do not publish it in a SEC filing that is public information.
I blocked out the critical info in the above info. Trust me, it was NOT covered up and clear text was displayed for everything.