Massive Privacy Leak at Izea.com?
Some say a picture tells a thousand words. The one below has two that stand out for me: Email & Password.
( Click thumbnail for full screenshot )
This blatant disregard for user privacy makes me lose trust in having my blog associated with Izea.com. Although, I'm willing to give them the benefit of the doubt if they fix this issue quickly. We'll see how things pan out.
( Click thumbnail for full screenshot )
This blatant disregard for user privacy makes me lose trust in having my blog associated with Izea.com. Although, I'm willing to give them the benefit of the doubt if they fix this issue quickly. We'll see how things pan out.
posted by SEO Rob at 1/27/2008 08:42:00 AM
4 Comments:
Thankfully this is NOT a security leak. The issue here is that Parature, our support provider, allows anonymous and guest access to the system which they obviously need to do (if you can't log in, or just have a question, you won't have an account to log in with).
The problem is that a customer support member issued a password to an anonymous user and that showed up in the guest user history at Parature.
Obviously we're going to address the policies around issuing passwords immediately, and we've contacted Parature to make sure the My Support link is not there for non logged in users - it doesn't make sense and only serves to confuse.
Hope that clears everything up
Pete
Sheesh! i have never seen any site that displayes passwords on screen!!
@pete Thank you for the speedy response and for plugging the leak. I will continue to use your system.
http://www.increased-online-traffic.com/2008/01/izea-privacy-leak-plugged.asp
a privacy leak on that site would be a disaster.
Post a Comment
<< Home