Customer credit cards exposed in Google search...

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Customer credit cards exposed in Google search...

Post by kaisellgren »

Blippy, a site that helps you tell everybody what you have bought online is in my opinion a weird idea, but what's more interesting is that some of their customer's credit cards were shown on Google search:

Image

http://blog.blippy.com/2010/04/23/blipp ... d-numbers/

They have 'fixed' the issue now and are taking security seriously:
We are hugely focused on security and are making efforts to bolster our security to ensure that nothing like this ever happens again. We recently raised $11.2 million from investors and are using a significant amount of that to build a world-class, secure infrastructure.
For some reason I am not convinced.

I highly recommend using PayPal, and not giving out your credit card to every site out there.
User avatar
timWebUK
Forum Contributor
Posts: 239
Joined: Thu Oct 29, 2009 6:48 am
Location: UK

Re: Customer credit cards exposed in Google search...

Post by timWebUK »

For a start the service seems a bit pointless! But I guess it'd lead onto a Facebook application and eventually everything you buy would feed onto there...

It's quite scary how well Google indexes websites.
dalelyst
Forum Newbie
Posts: 1
Joined: Tue Aug 24, 2010 8:05 pm

Companies just don't get it...

Post by dalelyst »

We're helping clients trying to get more budget internally for security augmentation. Been poking around all the potential ways in which you can get caught in a security mess.

These two scare the heck out of senior management:

http://www.scmagazineus.com/the-real-co ... le/113717/

This survey report is even more enlightening -- security is becoming a massive issue.
https://www.fortify.com/fortify/getform ... dyIW_110Q3
Post Reply