Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Custom greeting card seller Moonpig fixes security blunder 17 months after responsible disclosure

Custom greeting card seller Moonpig fixes security blunder 17 months after responsible disclosure

2015/01/06

Softpedia - (International) Greeting card seller Moonpig closed a vulnerability in its Android app that was first reported to the company in August 2013 and could have allowed an attacker to change the customer ID and access customer names, email addresses, dates of birth, addresses, order histories, and the last four digits of payment card numbers.

Source: http://news.softpedia.com/news/Custom-Greeting-Card-Seller-Moonpig-Fixes-Security-Blunder-17-Months-After-Responsible-Disclosure-469085.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:00