Moon­pig app se­cu­rity alert

Midweek Sport - - NEWS -

GREET­INGS card web­site Moon­pig has sus­pended its mo­bile apps fol­low­ing a claim a se­cu­rity bug has ex­posed per­sonal de­tails of its cus­tomers.

De­vel­oper Paul Price posted an en­try on his blog yes­ter­day claim­ing a se­cu­rity flaw meant that any­one could pose as another user – gain­ing ac­cess to a por­tion of their credit card de­tails and per­sonal in­for­ma­tion as well as be­ing able to make or­ders from their ac­count.

Mr Price dis­cov­ered the prob­lem in Au­gust 2013 and told Moon­pig, but de­spite the com­pany say­ing it would “get right on it”, the glitch was still in place yes­ter­day.

Moon­pig has as­sured cus­tomers that “all pass­word and pay­ment in­for­ma­tion is and has al­ways been safe”, but said it had made its apps un­avail­able while it con­ducted in­ves­ti­ga­tions.

Mr Price posted: “I’ve seen some half-ar­sed se­cu­rity mea­sures in my time but this just takes the bis­cuit.

“Who­ever ar­chi­tected this sys­tem needs to be shot… wa­ter­boarded.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.