I am posting this under General Security, because basically this boils down to a security issue.
Scenario:
You, as a host provider, receive something like the following:
"My dear aunt passed away. She was hosting with you. Please send me all her web site access info so I can put up a memorial page."
So my question is, what do YOU do under this circumstance? For example, how can you possibly confirm this? How can you confirm that the person who is asking for access info actually has a right to this info? etc. etc. etc.
Thanks much.
Full Version: Hosted customer passes away. So what now?
Three things went through my mind immediately
1. Attempt to contact the customer. That should confirm the validity of the claim one way or the other and give you a chance to warn the customer if its false
2. Inform the claimant that without a a copy of a death certificate and proof that they are the executor or the estate, that you would liable for a "breach of contract" if you gave them the information
3. Pass the buck. suggest that they contact the domain registrar to get control of the domain
1. Attempt to contact the customer. That should confirm the validity of the claim one way or the other and give you a chance to warn the customer if its false
2. Inform the claimant that without a a copy of a death certificate and proof that they are the executor or the estate, that you would liable for a "breach of contract" if you gave them the information
3. Pass the buck. suggest that they contact the domain registrar to get control of the domain
QUOTE (newexpos @ May 13 2008, 04:33 AM) 
1. Attempt to contact the customer. That should confirm the validity of the claim one way or the other and give you a chance to warn the customer if its false
2. Inform the claimant that without a a copy of a death certificate and proof that they are the executor or the estate, that you would liable for a "breach of contract" if you gave them the information
3. Pass the buck. suggest that they contact the domain registrar to get control of the domain
2. Inform the claimant that without a a copy of a death certificate and proof that they are the executor or the estate, that you would liable for a "breach of contract" if you gave them the information
3. Pass the buck. suggest that they contact the domain registrar to get control of the domain
Yes, very good. I would personally just have them confirm the last 6-8 digits of the credit card used for the account. If they can't tell me, sorry, buck. If they could, their only option would be to cancel the account or transfer it to their name and billing information.
This is a very weird situation and sounds phony to me.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.