The news that the card numbers of five Blippy users had been exposed to anybody with the search savvy to Google "site:blippy.com +'from card'" came as a bit of a shock on Friday. The first question is, who would want to share with strangers all their credit card purchases at a site like Blippy, whose sole purpose is credit and debit card spending voyeurism? What kind of psychological need is being filled by broadcasting that you just purchased an iPhone app or a tee shirt depicting a murderous hot dog? Why is anyone (besides a marketing professional) interested in what other people whom they don't know are buying over the internet?

The more serious question, of course, is how did Blippy users' credit and debit card numbers suddenly become accessible to Google searchers? The answer does not have to do with hacking or any other sort of criminal activity, but a simple code error, according to the Official Blippy Blog. "Many months ago when we were first building Blippy, some raw (not cleaned up, but typically harmless) data could be viewed in the HTML source of a Blippy web page," a recent blog post says. "The average user would see nothing, but a determined person could see 'raw' line items. Still, this was mostly harmless - stuff like store numbers and such. And it was all removed and fixed quickly, months ago. Enter Google's cache. Turns out Google indexed some of this HTML, even though it wasn't ever visible on the Blippy website, and was removed from the HTML code months ago. Which exposed 4 credit card numbers on Google.com (but a scary 196 search results). We have contacted Google to requested that they remove all credit card numbers from their servers. [sic]"
The lesson is, don't allow credit and debit card numbers to creep into your HTML code. Or perhaps it's: test your new site to check for any potential security problems before taking it live. In either case, this episode highlights the dangers inherent in developing online applications that make use of customer data. It also may make consumers more wary of sharing personal payment-related information online, as they probably should be.
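One concrete form of that pre-launch test is a scan of the raw page source (comments, hidden elements, data attributes, not just the rendered text) for Luhn-valid card-number-like digit runs. This is an added example, not code from the article or from Blippy; the sample HTML is constructed for the example and uses the well-known 4111... and 5555... test PANs, not real card numbers.

```python
import re

# Candidate runs of 13-19 digits, optionally separated by spaces or dashes,
# not preceded or followed by another digit.
_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn mod-10 check."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_pan_like(html: str) -> list[str]:
    """Scan raw page source and return masked, Luhn-valid candidates.

    Scanning the source rather than the rendered DOM is the point: a card
    number sitting in an HTML comment or hidden attribute is invisible to a
    user but fully visible to a crawler.
    """
    hits = []
    for m in _CANDIDATE.finditer(html):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            hits.append(digits[:4] + "*" * (len(digits) - 8) + digits[-4:])
    return hits


# Constructed sample page: one leak in a comment, one in a hidden attribute,
# plus a store number and a non-Luhn transaction id that must not be flagged.
SAMPLE_HTML = """<html><body>
<div class="item">Bought a t-shirt at store #4471</div>
<!-- raw line item, never rendered: from card 4111-1111-1111-1111 -->
<span style="display:none" data-raw="txn 1234567812345678 card 5555555555554444"></span>
<p>Card ending in ****4444</p>
</body></html>"""

if __name__ == "__main__":
    for masked in find_pan_like(SAMPLE_HTML):
        print("possible card number in page source:", masked)
```

Run it against the HTML your server actually emits (e.g. fetched with curl, not copied from the browser's rendered view), since that is what a search engine caches.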