April 23, 2010
-
News: Blippy Slips; Reveals Credit Card Data
Google and Blippy.com are at odds as reports indicate a data breach related to a Google search. The breach involves credit card data specific to the Citibank MasterCard. The information was intercepted off Blippy.com a social networking website where users share personal information on their credit card purchases. The breach involved only four card numbers, however, sends a stronger message that the site users are vulnerable to cybercriminals and theft. In view of the fact that the breach was associated with only one bank, it narrows the leak to one payment processing company. Google has acknowledged that they are aware that Blippy had published credit card data on its website which was accessible in a Google search. A company spokesperson said they are dealing with the issue. In response, Google posted an error message to any subsequent search rejecting the user's request.
Meanwhile, Blippy released a statement to its users explaining the reason the breach was possible and that it had been fixed. Blippy co-founder and CEO Ashvin Kumar said that the breach was possible due to a minor glitch in the system that believes to have been addressed during the early stages of Blippy. It appears Google users were able to access the credit card data because the company had indexed it prior to it being cleaned up. Although Blippy had updated the indexes, because of Google's fast search engine, users were able to access the credit card data.
Although Google acted with a sense of urgency in repairing the situation by preventing future searches to reveal card information, users were able to retrieve the credit card numbers and transfer them to other sites such as anonboard.com and Twitter. It's a tuff lesson for the victims of the cards; however, another reason to be more diligent in protecting your personal information. Allowing information to be exposed for the world to view can be considered callous to say the least.