Blippy, the social network for people who want to publicize their purchases, got in big trouble yesterday for publishing some of its users credit card numbers. But by mid-afternoon, Blippy had announced the problem was taken care of and that the situation was “a lot less bad than it looks.”
Well, it still looks really bad.
With the help of an SAI reader, we found Blippy was still making at least one debit card number available to scamsters Google searching for the terms “site:blippy.com +outstanding.” We’ve pasted a screenshot below.
A Blippy spokesperson agreed with us yesterday that these kinds of privacy mistakes are a “nightmare scenario” for Blippy.
Rational people would assume that two days of publishing user’s credit card and debit card numbers would be death blow for a social network designed for people who want to publish the purchasing history.
We’re not so certain. The very fact that anybody uses Blippy, even before this week’s cluster, suggests to us that there are lots of people with very little concern for their privacy. Some people would even suggest those types are just being realists, that any sense of privacy on the Internet is an illusion anyway.
Still, we recommend these people Google their Blippy account and make sure nothing they don’t want exposed is exposed.
The reader who spotted this info asked us not to use his name. We asked him if he was associated with Blippy or any of its competitors. He told us, “no connections whatsoever beside being a user.”
“I just don’t want problems with authorities because of the credit card numbers or anything. I don’t think its a felony since it’s google publishing this information but I wouldn’t want to worry like the guy who sold the iphone 4g you know!”
Here’s the screenshot. We’ve blurred out the debit card number in the bottom result.
Update: Blippy cofounder Philip Kaplan has reached us with a statement:
We sincerely apologise to this user. We’ve reached out to him and will do what it takes to make sure he is minimally affected. We have also reached out to Google and have asked them to re-index that page and the rest of their cache of the Blippy website. As with the issue yesterday, the page in question is a 2-month old page on Blippy that temporarily displayed a users credit card number, which was erroneously sent by his bank as the name of a merchant, in the HTML source. It should have never happened and we take full responsibility. I just spoke with a Google representative and informed them of the situation. Google is cooperative and moves quickly — I expect the probably will be taken care of soon.
Business Insider Emails & Alerts
Site highlights each day to your inbox.