Be Excellent To Each Other https://www.beexcellenttoeachother.com/forum/ |
|
Moonpig vulnerability https://www.beexcellenttoeachother.com/forum/viewtopic.php?f=3&t=10301 |
Page 1 of 1 |
Author: | Trooper [ Tue Jan 06, 2015 12:02 ] |
Post subject: | Moonpig vulnerability |
http://www.ifc0nfig.com/moonpig-vulnerability/ Have you got a moonpig account? Did you know that for the past year they have known about a serious problem with their API and have done nothing about it? If you don't want to read the page, i'll give you a TL:DR. You can get full details of any customer with no authentication. Name, address, Credit card details, etc... Don't worry though, they only give out the last 4 digits of your credit card, so that's nice. |
Author: | myp [ Tue Jan 06, 2015 12:12 ] |
Post subject: | Re: Moonpig vulnerability |
Yes, I've already requested they delete my account and all my personal information. |
Author: | TheFireFaerie [ Tue Jan 06, 2015 15:39 ] |
Post subject: | Re: Moonpig vulnerability |
!! Not cool! *goes off to delete account* |
Author: | DavPaz [ Tue Jan 06, 2015 16:01 ] |
Post subject: | Re: Moonpig vulnerability |
My account has been deleted, despite the crawling message telling me that all is fine. |
Author: | MrPSB [ Wed Jan 07, 2015 11:23 ] |
Post subject: | Re: Moonpig vulnerability |
Their response was terrible, "Your data is safe!!!!!!" despite long and detailed post explaining for the last year that it wasn't. |
Author: | Cras [ Wed Jan 07, 2015 11:47 ] |
Post subject: | Re: Moonpig vulnerability |
Well they blocked the API in question, so technically your data is safe, though it's spent the last 18 months not being safe. |
Author: | Cras [ Wed Jan 07, 2015 11:47 ] |
Post subject: | Re: Moonpig vulnerability |
Still, good stable door locking, folks |
Page 1 of 1 | All times are UTC [ DST ] |
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |