Ask HN: My SaaS was used to commit a financial crime. What should I do?
34 by cuz-reasons | 11 comments on Hacker News.
I have reason to believe that a customer abused my product (allowing dynamic script execution) to commit a financial crime. I caught this pretty early and put a stop to it. I don't have very detailed logs of the incident, but I have some, showing very questionable activity. My logs are not good enough to know the full extent of their activities, nor the IP addresses used, as the script routed requests through a 3rd party. I run a USA based SaaS as a Solo Founder, a one-person shop. The customer is Russian, the financial activity appears to be in the USA. Mid-term, I am going to add detailed logging of all customer activity, and a workflow to analyze these logs. What should I do about this incident? Contact the financial institution? Contact the FBI? Do nothing else? EDIT: Thanks I will contact a lawyer. I'll leave this up in case the discussion helps others.
Tidak ada komentar:
Posting Komentar