dmca/2020/03/2020-03-24-orizon.md

5.8 KiB
Исходник Постоянная ссылка Ответственный История

Are you the copyright holder or authorized to act on the copyright owner's behalf?

Yes, I am the copyright holder.

Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.

As responsible for the Computational Incident Response Team of Companhia Orizon do Brasil, linked to the Presidency and Corporate Information Security. We have the autonomy to request, appoint, register and take actions to protect the company's brand, strategy and information, and we work through the official channels [private] (main), [private] and [private].

Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.

It was identified by the service hired by the Orizon Company for Cyber Intelligence and Threat Monitoring (Cherokee ICMA) a series of codes, or code snippets that are proprietary according to several standard contracts signed between the Orizon Company, with its contracted third parties and employees. Among them, we can mention as main the Non-Disclosure Agreements (NDA), Employment Contract with Confidentiality and Intellectual Property clauses (Contracting of the Federal Regime (CLT) of the Federative Republic of Brazil).

What files should be taken down? Please provide URLs for each file, or if the entire repository, the repositorys URL.

The complete codes and already evaluated by Orizon's internal development, corporate information security, incident response team and the third party contracted for Cherokee ICMA monitoring, are contained in the following URLs, and are entirely owned by the company:

7cb265abb1/appEnv.json
7cb265abb1/package.json
[private]
[private]
[private]
[private]
d7f6bf86b1/new%2031.txt
7cb265abb1/backend/server.js
[private]
86d9c36f75/roles/HML02/tasks/main.yml
86d9c36f75/roles/HML03/tasks/main.yml
86d9c36f75/playbooks/copy.yml
86d9c36f75/playbooks/teste.yml
86d9c36f75/roles/ANLHML/tasks/main.yml
[private]
[private]
[private]
86d9c36f75/roles/HML01/tasks/main.yml
86d9c36f75/roles/HML03/tasks/main.yml.bkp
[private]
[private]
[private]
[private]
[private]
e220710386/br.com.dvm.AcessoExterno/FontePagadoraSulAmericaEx.cs
[private]
[private]
[private]

Have you searched for any forks of the allegedly infringing files or repositories? Each fork is a distinct repository and must be identified separately if you believe it is infringing and wish to have it taken down.

We only have the addresses indicated in this request and which were identified by an external monitoring service, hired by the company Orizon Brasil.

Is the work licensed under an open source license? If so, which open source license? Are the allegedly infringing files being used under the open source license, or are they in violation of the license?

All codes indicated are proprietary by the criteria as previously mentioned.

What would be the best solution for the alleged infringement? Are there specific changes the other person can make other than removal? Can the repository be made private?

The alteration of any and all information that uses the brand (Orizon, Orizon Brasil, OrizonBrasil, Polimed, CBGS) or exposes infrastructure data such as internal and external IP addresses, DNS of internal or external servers, e-mail addresses or groups of email can be accepted as a form of mitigation. Making the repository private will not prevent the sharing of data that any cyber threat can consume, whether through voluntary sharing or compromising the user's Github account.

Do you have the alleged infringers contact information? If so, please provide it.

We do not have the information because there are several offenders. However, it should be noted that we have already identified some previous ones and they have already removed or masked the exposed content.

I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.

I have taken fair use into consideration.

I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.

I have read and understand GitHub's Guide to Submitting a DMCA Takedown Notice.

So that we can get back to you, please provide either your telephone number or physical address.

The contact can be made preferably by email, directly to me or the incident response team.

[private] (my direct email)
[private] (external email from the incident response team)
[private] (email used by company employees to respond to incidents)

Please type your full legal name below to sign this request.

[private]