|
|
|
|
|
|
by clobec
4181 days ago
|
|
|
> You're getting mad at the wrong person here, full stop. No I'm not. I;m not angry. I realise this is the fault of Moonpig >This is gross, inexcusable negligence and incompetence. I'm surprised this guy didn't wait more than a few months, given the severity of this problem. I agree >Riiiight. Do you honestly think something this basic wouldn't be discovered by criminals soon, if not already? We don't know if anyone has already used this. We don't know if anyone ever knew about his. But now we know everyone knows about it.
To be honest, I would not be surprised if someone may have already used this for nefarious purposes but at this point in time there doesn't seem to be a public dump of data for low skilled hackers to continue using for years to come. I still think this should not have been publicly disclosed in this manner. He did not contact the ICO and he left this exploit open for a year because he didn't know the mature way to handle this. |
|
|