Sigma Online Backup

Online business data backups access via insecure login page

http://www.sigmaci.com/BackupDR.aspx

What is the problem?

Online backups of business data are accessed via an insecure <iframe> hosted via an unencrypted web page connection. This is an exceptionally bad idea for sensitive business data and/or storage of customer personal data.

Disclosure Policy

Prior to public disclosure, notification about any privacy or security issues discovered were sent by email to the operator of this website on 4th August 2018, using either an email address publicly discoverable on the site, or the RFC 2142 standards compliant address "webmaster@..." if no public email address was provided.

At time of posting the issue had not yet been resolved.