A US online pet store has exposed the details of more than 110,400 credit cards used to make purchases through its website, researchers have found.
In a stunning show of poor security, the Austin, Texas-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text passwords
[…]
The database was exposed because of the company’s own insecure server and use of “rsync,” a common protocol used for synchronizing copies of files between two different computers, which wasn’t protected with a password.
Source: A database of thousands of credit cards was left exposed for months
Oh dear, clear text passwords and non-protected rsync transfers 🙁
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft