# ColoCrossing full disclosure



## SrsX (Dec 16, 2013)

You've gone on way to long, and I'm about to disclose the information about you not a lot of people will have seen. I hate that it's come to this, but you've violated multiple laws and I've had enough with you being the source of all the drama. I gave you a chance, now you've pushed your luck.

Let's start with your personal information: _<--snipped-->_

... I did say full disclosure, right? - *To staff: if you have an issue with me posting that information, then edit it out of the post, but legitimate company owners shouldn't mind their information being on the internet, right?*

Now, how about a huge file from entries in databases regarding ColoCrossing?

These entries were taken from *VPSACE database*, you know the company ColoCrossing has "*no involvment in*" right?

http://0bin.net/paste/ykqTwcjnaRgslJt6#rQzzkpfb+yxPO95RE5e2sIAziKqz/rWxOqOyHC/t4sA=

You see multiple entries there, if we jump to my other post's paste over here: http://pastebin.com/qxzBg8e2 you get a bit more background in to this.

This is just the first post of many to come; I have about 20MB of data regarding ColoCrossing, and its sub companies, money laundering, etc.


----------



## tchen (Dec 16, 2013)

For christ's sake, can we just keep this crap in one thread?

And another thing, you've posted information about their families.  What is wrong with you?


----------



## jarland (Dec 16, 2013)

Incoming DDOS.

Seriously gonna need a TLDR version of that last one.


----------



## SrsX (Dec 16, 2013)

jarland said:


> Incoming DDOS.
> 
> Seriously gonna need a TLDR version of that last one.


Last one, basically shows entries from colocrossing to VPSAce customers and VPSAce themself of invoices, etc. Also introduces a new person, Matt B.


----------



## drmike (Dec 16, 2013)

Ahh, I don't approve of the first link.  Family stuff isn't very nice.

Now the vpsAce database, most of what I see in there are normal tickets in WHMCS...

"'[email protected]', '[email protected]', '[email protected]', 'ColoCrossing Billing Department - Payment Receipt'"

That's a normal system API tie in from ColoCrossing to the customer vpsace with this Matt Barauski fellow who likely doesn't exist.  He certainly wasn't staying at the prior address in Florida who is related directly to Chris N. 

But the presence of colocrossing in there is entire legitimate.

There is other stuff in there worth fishing out.  Namely the presence of Chris N, n3.ca and links to other brands under the same company.


----------



## SrsX (Dec 16, 2013)

drmike: As in regards to Chris from N3, well thats 116MB and I don't feel like uploading it.


----------



## drmike (Dec 16, 2013)

Interested in time seeing what is in there.   Hopefully info on his many companies and intertwined nature of them.

More of that, less of who he is bonking and what his face looks like with 15 hotdogs shoved in it on Facebook.


----------



## mitsuhashi (Dec 16, 2013)

Disclosing a company's information is fine. Jon does have the wrong idea regarding privately-owned companies vs. secretly-owned companies (e.g. wrongfully assuming that disclosure of commercial DBAs like lowendbox.com and lowendtalk.com is optional).

But I'll +1 removing Alex Vial's family members from the list. They've not broken any disclosure laws and are not the ones lying to people.


----------



## Deleted (Dec 16, 2013)

As a former CC employee, That is very shitty of you to post people's families on a thread that have nothing to do with the people in the original posting.


----------



## sv01 (Dec 16, 2013)

sadly :

Pastebin.com is under heavy load right now


----------



## XFS_Duke (Dec 16, 2013)

Dude really? You post peoples family information on here.. How about this.. Full disclosure.. You're a fucking douchebag... This dudes family did nothing for you to sit there and post crap about them... How much of a man do you think you are right now? Because, I'll tell you, a man doesn't result to this bullshit... Remove that crap... And for God's sake, keep the shit in one thread, why do you people insist on opening multiple threads to speak your dumb shit?! God damn, this is the crap I'm talking about here... Remove my post if you like, but this shit needs to end or get limited to one thread and not open a new thread when you post private information for a dudes family like a coward sitting behind a computer...


----------



## jarland (Dec 16, 2013)

Man Duke, while I agree with the family thing, you could probably use a day off brother


----------



## XFS_Duke (Dec 16, 2013)

To relay as to why it pisses me off is that someone did that to me a long time ago and it didn't turn out very well just because I said something about them... You know, stuff like posting family information is very childish and needs to be addressed by yourself. I didn't mean to be rude in my last post, just isn't the right thing to do. Doing a "good deed" as you call it is good, but this is wrong...

Sorry jarland, I hope everyone understands what I mean and why I got upset...


----------



## drmike (Dec 16, 2013)

It's all cool Duke!


----------



## MannDude (Dec 16, 2013)

Yeah... please don't post personal information about unrelated people.


----------



## drmike (Dec 16, 2013)

But feel free to call the little bastards who own and operate Lowendtalk.com and LowendBox.com and Colocrossing and associated shells all kinds of names.


----------



## dcdan (Dec 16, 2013)

I don't agree or disagree with all this CC thing, but how is it "good"/legal to post pieces of stolen database?


----------



## wlanboy (Dec 16, 2013)

MannDude said:


> Yeah... please don't post personal information about unrelated people.


Please don't post any personal information.

Reminds me of some shit in the past.


----------



## Francisco (Dec 16, 2013)

dcdan said:


> I don't agree or disagree with all this CC thing, but how is it "good"/legal to post pieces of stolen database?


That's just it.

VPSACE refuses to comment on it and hasn't contacted their own customers about the credit cards stored inside said dump.

Until they make a statement, there can only be a 'pretty sure' basis that it's what it is. FYI, to date they *still* haven't notified anyone. Someone should inform VISA I think.

Francisco


----------



## dcdan (Dec 16, 2013)

Francisco said:


> That's just it.
> 
> 
> VPSACE refuses to comment on it and hasn't contacted their own customers about the credit cards stored inside said dump.
> ...


Thanks, I was not aware of that... not good indeed, but does it justify making parts of the said database even "more available"?


----------



## drmike (Dec 16, 2013)

dcdan said:


> I don't agree or disagree with all this CC thing, but how is it "good"/legal to post pieces of stolen database?


Well, if the right pieces were posted it would show the shell games and intertwining.

At the point where something is stolen and posted online it's public reference material.  I referenced this database a while back or parts of it.

I cut the line where someone would post credentials or credit cards or similar victim info.


----------



## Francisco (Dec 16, 2013)

dcdan said:


> Thanks, I was not aware of that... not good indeed, but does it justify making parts of the said database even "more available"?


I haven't read much of the ticket dump past a few snips and keywords, but i don't think there's any customer interaction in there, just them<>CC.

There was at least 1 ticket that showed Chris N testing that their contact form worked and such.

Francisco


----------



## DomainBop (Dec 16, 2013)

Francisco said:


> That's just it.
> 
> 
> VPSACE refuses to comment on it and hasn't contacted their own customers about the credit cards stored inside said dump.
> ...


When credit card information is involved Visa needs to be notified immediately by the merchant and there are 6-figure penalties for not notifying them in a timely manner.  I'll just repost what I wrote on LET earlier today about a WHMCS breach involving another provider.



> Among those who don't give free passes when there is a database breach and the provider doesn't follow proper notification policies are Visa and Mastercard, and the Attorney Generals of the 46 states that have database breach notification laws.
> 
> Hell, Visa even requires timely notification when "only 3%" of the customers in the WHMCS database of a provider who directly accepts credit cards have their info compromised and downloaded like happened to CVPS in October
> 
> ...


----------



## Francisco (Dec 16, 2013)

DomainBop said:


> When credit card information is involved Visa needs to be notified immediately by the merchant and there are 6-figure penalties for not notifying them in a timely manner.  I'll just repost what I wrote on LET earlier today about a WHMCS breach involving another provider.


Have they been informed?


----------



## SrsX (Dec 17, 2013)

Decided to post over at Lowendtalk for fun with this; suddenly my account was banned and the post was deleted


----------



## rds100 (Dec 17, 2013)

I suppose it was because of the family FB links. There is no need to involve the families in this.


----------



## MartinD (Dec 17, 2013)

SrsX said:


> Decided to post over at Lowendtalk for fun with this; suddenly my account was banned and the post was deleted


What do you expect?

"I decided to post on a forum and stir the shit, implicate people who are innocent... for shits and giggles"

Grow up for god's sake.


----------



## SrsX (Dec 17, 2013)

MartinD said:


> What do you expect?
> 
> "I decided to post on a forum and stir the shit, implicate people who are innocent... for shits and giggles"
> 
> Grow up for god's sake.


My bad, I guess this whole "full disclosure" stuff and "transparency" you guys preach isn't important anymore, right?


----------



## Aldryic C'boas (Dec 17, 2013)

"Full Disclosure" does not include collateral damage.  When you go after someone's uninvolved family, you deserve any scorn you get.


----------



## SrsX (Dec 17, 2013)

Aldryic, so you're now saying the FBI is a criminal, because they have a *lot* of collateral damage. When they raid and arrest someone they don't just stop there, they first dig in to all of the persons family also to collect as much information as possible.


----------



## MannDude (Dec 17, 2013)

SrsX said:


> My bad, I guess this whole "full disclosure" stuff and "transparency" you guys preach isn't important anymore, right?


I don't mind the posting of things regarding people involved, but no one here needs to know addresses of family members and what not that are not involved. All I did was snip out the URL containing this information, as it's unrelated and not needed. Elsewhere it'd not be so lax.


----------



## Aldryic C'boas (Dec 17, 2013)

I never said the FBI wasn't criminal.  Being former 97E and former DOD, I know exactly how criminal/evil/<your adj here> government agencies can be.  And you'll find (if you notice all the privacy and anti-PRISM/etc threads here) that many of us feel the same.

However, nobody's actions will ever excuse or justify your own.  You posted information on people completely unrelated to all of the CC/CVPS drama, and opened the door to grief being thrown their way for no reason.  *YOU*, and nobody else, are responsible for that poor judgement.


----------



## MannDude (Dec 17, 2013)

SrsX said:


> Aldryic, so you're now saying the FBI is a criminal, because they have a *lot* of collateral damage. When they raid and arrest someone they don't just stop there, they first dig in to all of the persons family also to collect as much information as possible.


Law enforcement agencies have a long history of getting things wrong and raiding the wrong houses and negatively impacting lives of individuals who are innocent, even after their research.  Look, I just don't want this place to become some 4chan-esque hackforum hybrid where people 'dox' family members of people who do shitty things. I already get enough flack and people hating on the site the level of freedom I already allow of posting things that on other places would be removed, locked, sunk or hidden.


----------



## Reece-DM (Dec 17, 2013)

Why is this even in "industry News" hardly news.


----------



## SrsX (Dec 17, 2013)

I completely agree with you MannDude and I respect that, as per what I said in original post you can remove the information if you wish. It was just there because that is what was in my document.


----------



## XFS_Duke (Dec 17, 2013)

SrsX said:


> My bad, I guess this whole "full disclosure" stuff and "transparency" you guys preach isn't important anymore, right?


While we're speaking on full disclosure, how about giving everyone your information? Such as phone number, address, age, date of birth, SSN, DL ID, all your family information as well? How about that? You're not any law enforcement agency, you're just some kid behind a computer that knows how to use Facebook, you're awesome in your own little world...


----------



## SrsX (Dec 17, 2013)

XFS_Duke said:


> While we're speaking on full disclosure, how about giving everyone your information? Such as phone number, address, age, date of birth, SSN, DL ID, all your family information as well? How about that? You're not any law enforcement agency, you're just some kid behind a computer that knows how to use Facebook, you're awesome in your own little world...


Sure.

James M

06550 22 ** ** (removed)


Ansbacher Strasse ** (removed)


Dahnen, Hessen 546** (removed)

Germany

Need any more information? I'd be happy to share.


----------



## MannDude (Dec 17, 2013)

Reece said:


> Why is this even in "industry News" hardly news.


Good eye, didn't realize it was posted there.


----------



## Aldryic C'boas (Dec 17, 2013)

MannDude said:


> I already get enough flack and people hating on the site the level of freedom I already allow of posting things that on other places would be removed, locked, sunk or hidden.


I find that to be rather sad, to be honest =\


----------



## MannDude (Dec 17, 2013)

Aldryic C said:


> I find that to be rather sad, to be honest =\


Can't please everyone. <shrugs>


----------



## HostUS-Alexander (Dec 17, 2013)

SrsX said:


> Aldryic, so you're now saying the FBI is a criminal, because they have a *lot* of collateral damage. When they raid and arrest someone they don't just stop there, they first dig in to all of the persons family also to collect as much information as possible.


FBI = Law enforcement. 

You = Some guy that needs a job.

Just chill with all the colocrossing stuff.


----------



## SrsX (Dec 17, 2013)

HostUS-Alexander said:


> FBI = Law enforcement.
> 
> You = Some guy that needs a job.
> 
> Just chill with all the colocrossing stuff.


I have a job, this is a hobby.


----------



## wlanboy (Dec 17, 2013)

After reading about half of the thread I had the dim (and bad) feeling that I am currently on a different site ... seeing green colors all around.


----------



## tchen (Dec 17, 2013)

wlanboy said:


> After reading about half of the thread I had the dim (and bad) feeling that I am currently on a different site ... seeing green colors all around.


We need a cesspit


----------



## MannDude (Dec 17, 2013)

tchen said:


> We need a cesspit


We do, kind of. It's just not used.


----------

