« McAfee promises to reimburse consumers for bad update
1.5 million stolen Facebook IDs up for sale »
Apr/26
2010

Credit Card Numbers Now on Google Thanks to Blippy

Categories: Computers / 1 comment »

By SARAH PEREZ

Blippy, the controversial site where the over-sharing, web-connected generation can link their credit cards and share their purchases has just come under fire from numerous tech blogs as it has been discovered that people's credit card numbers are now available on Google.

The site's value has been hotly debated since its launch with some saying it's an incredible recommendation service while others say it's a privacy disaster waiting to happen. Interestingly enough, it was featured yesterday on the New York Times, where that same question was posed to readers.

Now, thanks to a tipster who apparently emailed all the popular technology blogs (see: VentureBeat, Mashable, CenterNetworks for more coverage), there's a way to enter a simple search query into Google and get back the credit card numbers of Blippy users.

The query is: site:blippy.com +"from card"

At present, this security hole seems to be affecting Citibank-issued MasterCard numbers only, according to the bloggers at VentureBeat.

Blippy proponents will likely argue that the mistake, although quite a large one, was caught in time before major damage could be done. It's doubtful that any identify thieves have been able to retrieve these credit card numbers quickly enough to cause harm to those affected.

However, the users whose credit card info has been compromised will now have to cancel their cards and be issued new ones - a hassle to say the least. Was the benefit of using Blippy worth it? What if this security hole was only discovered by criminals and not a white-hat hacker type like the guy who contacted us?

We've argued before that people should definitely weigh the risks to their privacy before using services like Blippy, especially since you're not just sharing info from one private credit card account, you're aggregating all of them. If Blippy's infrastructure was compromised, hackers could get all your credit card info and the usernames and passwords you use across the web, too. (Probably the same one you use everywhere, if you're like most people).

If that risk is acceptable to you, then by all means, share away. You might find it interesting to see what others have shared too. But when something like this happens, don't be surprised. Nothing put on the Web is ever really private - as this breach clearly shows.

For link to story click here..

1 comment
Comment from: Missy Mcpherren [Visitor] · http://theleadtree.com
Missy McpherrenNice post but the way the economy is going these days I don't know when we'll ever see the end of it.
08/17/10 @ 19:08
Leave a comment

Your email address will not be revealed on this site.

Your URL will be displayed.
(Line breaks become <br />)
(Name, email & website)
(Allow users to contact you through a message form (your email will not be revealed.)
This is a captcha-picture. It is used to prevent mass-access by robots.
Please enter the characters from the image above. (case insensitive)