Welcome to WebmasterWorld Guest from 54.158.198.141

Forum Moderators: open

Message Too Old, No Replies

Google Search Reveals Credit-Card Numbers

Consumer fear of identity- and credit-card theft over the Internet continue

     
7:53 pm on Sep 16, 2004 (gmt 0)

Preferred Member from US 

10+ Year Member

joined:Nov 27, 2002
posts:410
votes: 0


Google Search Reveals Credit-Card Numbers

[story.news.yahoo.com...]

==========================================

Not exactly sure what they did for an actual search here but would be interested in knowing what the best test is to determine if my credit card information is online.

1:22 pm on Sept 17, 2004 (gmt 0)

Administrator from US 

WebmasterWorld Administrator goodroi is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:June 21, 2004
posts:3254
votes: 209


The article states the exact search that reveals credit card numbers and complete matching user information. It appears that Google has contacted the top results because those pages have been taken offline. However you can still click on the Google's cached version. This issue has been around for a long time and will always be around as long as there are stupid people managing databases with personal information. Another common problem is college databases with social security numbers that are accessible via the web.

If you are worried about your information, DO NOT search for your credit card number. This will only expose your credit card number to more unsecure databases.

10:58 am on Sept 18, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 25, 2003
posts:2528
votes: 0


I still can't believe that people are submitting their credit card details without checking for the secure logo in their browser. They just assume that it is safe.

Even more astounding is that I receive two or three emails a month from people detailing their credit card information in emails! And they're not even supposed to be coming to me, they are trying to email their bank and my web address is similar. Sometimes I wish I was more dishonest, I could retire earlier ....

12:13 pm on Sept 18, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 3, 2003
posts:141
votes: 0


Boy,

Trying to soothe consumer fears with stories like this surfacing every day makes our jobs so much more difficult.

Maybe we should start a post on the best security practices for your online business. Security doesnít seem to be discussed that much here.

Self taught webmaster donít really have a clue about security, me included. We rely on other people to guide us, sometimes with devastating consequences.

So what are you all doing to secure your data?

12:20 pm on Sept 18, 2004 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


problem about dicussing security in too much detail here is it gives "wannabee script kiddies "etc too many ideas ...
even tho we know only "nice people" use WebmasterWorld ...
3:08 pm on Sept 18, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member essex_boy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:May 19, 2003
posts:3187
votes: 4


Hmm Ionce ran a search to see how easy it would to get thiskind of detail from teh web, my first attempt produced a list of passwords and user names for a South African uni.

Th ePW were for logging it to their email accounts of the heads of department. Pretty amazing really.

4:16 pm on Sept 18, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Mar 22, 2004
posts:60
votes: 0


If you're an online merchant, unless you have a subscription-based service there is no manditory reason to actually keep full credit card information for purchases - just keep the first and last 4 digits so you can resolve chargebacks etc (or keep a hash of the full CC number if you want to get fancy). You'll never have to worry about your customers being compromised by a mishap or a hacker.

It means that users will have to retype their CC info to make another purchase, but if they are wanting to buy something (and have made a purchase before) its not a huge barrier.

6:11 pm on Sept 19, 2004 (gmt 0)

Preferred Member from TH 

10+ Year Member

joined:Mar 4, 2003
posts:422
votes: 0


I heard that now google can be indexed SSL (https). You can check it out from searching this inurl:https directory in google. You will see the first listing is Secure URL. If that, what going on with Secure page?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members