We posted news yesterday that Blippy, the site for sharing your credit card transactions with friends, had inadvertently made full credit card numbers of some users visible in Google searches.
Blippy responded that the situation was “a lot less bad than it looks”, since only 127 transactions and 4 credit cards were affected. (We’d argue that’s still a major issue for a site that relies on user trust to post your transactions in the first place.)
Today a tipster tells us that the problem is not resolved — as of this morning, you could still find at least one full credit card number from a Blippy user on Google (shown below with the number obscured). Other searches reveal less sensitive data, like the last four digits of credit card numbers, the user’s bank name and dates and times of purchases.
The question is whether Blippy’s users, already quite comfortable with sharing their credit card transactions with the world, will be at all unnerved by these recent data leaks.
Update: Arvin on the Blippy blog writes: “To date, we’ve discovered one additional credit card number and have reached out to the owner. And while we don’t anticipate anyone else to be affected, we’re continuing our investigation with urgency.” Blippy also says it’s working with Google to “have them remove all sensitive information from their cache.”