Security Flaw Exposes 35 Million AOL Accounts

Stones and glass houses. Not to throw stones, but to learn how to build
better glass houses. California's SB 1386 doesn't become effective until
July 1, 2003.

Security Flaw Exposes 35 Million AOL Accounts
By Nate Mook and Craig Newell, BetaNews
January 22nd, 2003, 11:19 AM

The accounts of millions of AOL subscribers were jeopardized this week due
to a serious flaw in the company's Web-based mail system, BetaNews has

The vulnerability stems from an error in one of AOL's international e-mail
authentication systems, which granted users access without correctly
verifying passwords. By simply entering an account name, an AOL user had
the ability to read any other user's e-mail and all personal data
contained therein.