Car shoppers' credit details exposed in bulk

Car shoppers' credit details exposed in bulk
Kevin Poulsen, SecurityFocus 2003-09-25

At least 1,000 automobile shoppers who submitted online credit applications to any of 150 different automotive dealerships around the U.S. had their personal and financial details exposed on a publicly-accessible website, according to a computer security consultant who stumbled across the privacy gaffe.

Car shoppers' credit details exposed in bulk 2003-09-30
Good Samaritan

Common folks - What this guy did took little knowledge and little time. The code on the page (and we are talking clear text here) referenced a page. He went to that page. He got booted to an admin page. (Admin pages that come with web tools are normally not secured.) He looked at the URL and sa...

[ more ]