Blippy.com, a website that provides a social component to online shopping, had the misfortune of accidentally leaking some of its members’ confidential debit and credit card numbers to the public via a search of its website using Google’s (NASDAQ: GOOG) search engine.Silicon Alley Insider first noted that a search of Blippy’s website with the query “outstanding” revealed the debit card number of one Blippy user, just one day after the company discovered that credit card numbers of four Blippy users could be found via Google. Blippy had accidentally exposed the credit card numbers to the public web in February, but didn’t recognize the problem until last week.
Blippy acknowledged the mistake on its blog on Saturday, stating ,”As a continuation of our efforts from yesterday, when four credit card numbers were discovered in Google’s cache, we’re taking the following measures: 1. We’re continuing to work with Google to have them remove all sensitive information from their cache. 2. We’re analyzing our backup databases from January and February to understand what additional information the Google cache may have.”
Blippy also asked Google to re-index its site.
A Google spokesperson provided the following comment to CNET, “Fundamentally, it’s Webmasters’ responsibility to take action when they make a mistake. Yesterday, Blippy notified us about four credit card numbers they had inadvertently published to the Web, so we took special measures to quickly remove the snippets and cached results containing those numbers.
“Today, we learned that there were additional URLs cached from the blippy.com site with credit card information, so our engineers worked on a Saturday morning to urgently remove the snippets and cached pages for all of blippy.com, which has about 20,000 URLs. The fix was complete by about 11:25 a.m. Pacific on Saturday morning.”
