Money Matters, Simplified.
Blippy apologizes for credit card numbers glitch
by Jaspreet Virk - April 24, 2010 - comments
“Blippy sincerely apologizes to those 4 users and we have reached out to them. We will do what it takes to ensure that they are minimally affected,” Blippy's blog read.
It has not even been four months into operations, but here comes the first blow for Blippy. The social networking site, founded in January this year to enable users to share and discuss their purchases online, has landed itself in controversy after it was discovered that the site had been doing a little too much sharing.
Though the site has been started to enable people to share their credit purchases with their friends, someone found that the Google search exposed the credit card numbers of four Blippy users.
The Google search results revealed at least 127 debit or credit card transactions, amount spent, places of purchase, and the card numbers.
The glitch was made public in a report by technology blog VentureBeat.
Glitch fixed
The breach was immediately acknowledged by the company Friday.
In a statement posted on company’s blog, Philip Kaplan, co-founder of Blippy, stated that it has resolved the situation, and the numbers have been removed from Google search page.
“Blippy sincerely apologizes to those 4 users and we have reached out to them. We will do what it takes to ensure that they are minimally affected,” the blog read.
Though Blippy is doing everything to ensure such incident is not repeated again, the users who have been affected by the glitch are shocked.
Blippy explains the issue
Though the company acknowledged that the whole matter is embarrassing, it added that it is a “lot less bad” than it appears.
Blippy said that when any user makes a purchase, the site only reveals the items purchased, and cleans up all the raw data like the purchase location, credit card number etc.
Explaining the breach, it said that a few months ago, when the company was building the site, it noticed that some raw data, though harmless, could be viewed on Blippy’s web page.
After noticing the problem the company quickly fixed it. But it has now been found that Google indexed some of those pages containing the raw data, thus exposing the credit card numbers of four Blippy users.
Credit card victims narrate experience
Though Blippy is doing everything to ensure such incident is not repeated again, the users who have been affected by the glitch are shocked.
Till now two affected users have come forward. These are Bradd Dantuma from Grand Rapids, Michigan, and Ryan Alcott of Benton Harbor, Michigan.
Dantuma was quoted by mainstreet.com as saying that he was alerted about the breach through social media. His friend wrote on his Google profile, “Psst… You might want to cancel your Blippy account. And probably change your credit card number.”
He added that a friend of his told him to sign up for the service, and he decided to give it a try. “It was just one of those things that you sign up for and forget about until something happens like today."
Calling the incidence shocking, he said, "It'll make me think twice before signing up for anything else."
While Alcott, user name megavortex, took to his Twitter account saying that he was annoyed with Blippy. “I came home for lunch from work today and saw the whole mess. Luckily, the numbers that leaked were already inactive! :),” he wrote.