Jump to content

Credit card numbers on Google


justin0469

Recommended Posts

http://venturebeat.com/2010/04/23/blippy-credit-card-citibank/

I just googled the same query they have in the picture and starting with the second page, it's filled with CC numbers :eek:

Yesterday was a big day for social-oversharing site Blippy, which lets members automatically post their purchases to the Internet. The company announced $11.2 million in funding and was profiled in The New York Times.

Overnight, at least one Internet power user figured out a way to search for Blippy members’ credit card numbers on Google. A fairly obvious search for “from card” this morning returned 127 results that included full credit card numbers.

VentureBeat reporters deduced that all are Citibank-issued MasterCard numbers. We’re reluctant to publish further details yet. We’ve contacted Citibank, Blippy CEO Ashvin Kumar and cofounder Philip Kaplan, and some of the people whose card numbers turned up.

usethisone.jpg

Link to comment
Share on other sites

Crazy question here..... Why would you want your purchases posted on the internet anyways?? :dunno:

My thoughts exactly. I'll expand on that by adding foursquare. Why the hell do you need to broadcast your exact location and movement?

Link to comment
Share on other sites

Crazy question here..... Why would you want your purchases posted on the internet anyways?? :dunno:

:plus1: If you need to advertise how well you are keeping up with the Jones you deserve to be robbed blind.

Blippy cofounder responds to credit card leak: “It’s a lot less bad than it looks”

Earlier today, VentureBeat broke the news that some members of Blippy, a social-sharing site for shoppers, had their credit card numbers published to Google by Blippy’s servers.

Blippy cofounder Philip Kaplan, known to Web 1.0 oldsters as Pud from Fucked Company, sent us the following response, which we quote in full:

“Today someone discovered a Google search that displays the credit card numbers of 4 Blippy users.

“We take security seriously and want to assure Blippy users that this was an isolated incident from many months ago in our beta test, and doesn’t affect current users.

“While it looks super-scary and certainly sucks for those few people who were affected, and is embarrassing to us, it’s a lot less bad than it looks.

“Here are the details:

* Say you buy lunch at Quiznos. Your credit card statement shows a complex entry like “Quiznos Inc Store #1234 San Francisco.” But Blippy cleans this up to only show “Quiznos.” We refer to these as the “raw data” vs the “cleaned up data.”

* Raw data is typically harmless. But it turns out that some credit cards (4 out of thousands in this case) show the credit card number in the raw data. For example, “Quiznos Inc Store #1234 from card 4444….”

* Many months ago when we were first building Blippy, some raw (not cleaned up, but typically harmless) data could be viewed in the HTML source of a Blippy web page. The average user would see nothing, but a determined person could see “raw” line items. Still, this was mostly harmless — stuff like store numbers and such. And it was all removed and fixed quickly.

* Enter Google’s cache. Turns out Google indexed some of this HTML, even though it wasn’t visible on the Blippy website. And exposed 4 credit card numbers (but a scary 196 search results).

* We’re working with Google now to remove Blippy from their cache, and they inform us it will be completed within a couple of hours.

“While we take this very seriously and it is a headache for those involved, it’s important to remember that you’re never responsible if someone uses your credit card without your permission. That’s why it’s okay to hand your credit card over to waiters, store clerks, and hundreds of other people who all have access to your credit card numbers.

“We’re making efforts to bolster our security to ensure that nothing like this ever happens again. That includes third-party security audits, and in general being a lot more careful before new features are released, even if it’s during a small, limited beta test period.

“Thank you for reading.”

Edited by RC51 John
Oops
Link to comment
Share on other sites

Ummm.... Yeeeeaah.... Like I'm gonna trust a guy named "Pud" with a company called "Fucked" :rolleyes:

He really sounds like a legit businessman

Edited by Fonzie
Link to comment
Share on other sites

sweet i just bought 12 plasmas, 4 PS3s, 3 xbox and 22 blu ray players with some jerks card. hopefully no one on here. but if you are, its cool. you can come over and hang out in my TV cave.

Link to comment
Share on other sites

nope, north/south like regular. But the pubes, if present, are like black moss...

omg, i need to get out more.

what about white vajayjay (that IS what it's called right? damn that rap music and public schooling!) does it really have teeth like the 700 club said? i think they called it "vajayjay dentaytay"

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...