Skip to content

googling credit card numbers

2007 October 28
tags: , , , , ,
by David Ma

Interesting story about someone who happened to be happily googling about and ran across some lout's hidden (albeit rather poorly) cache of stolen credit card numbers, along with other details:

I found more than that: login details to people’s web hosting accounts and e-commerce site memberships as well. It was really freaky to think it was all just staring at me, thanks to a flukey Google search. Nothing more complicated than that. (And no, don’t email me for the search details!)

For whatever reason, a hacker has broken into a number of sites and stored the resulting DB dumps into text files that Google came along and indexed, all because this guy’s site’s directories were set to display their contents when no default file is present.

To be honest I'm not all that surprised. The hacker in question probably had put the information on a location that may have only been partially commandeered, giving him or her a place to stash his loot but possibly not being able to block index listings. Anyway, goes to show once again that, no matter how safe anyone tells you their system is, there is always room for mistakes. The gentleman's article, in that regard, provides some good advice to make sure that its not your credit card number that shows up on a google search.

Well, perpahs except for one:

So here’s the suggestion: search Google for your credit card number.

If I may be so bold as to disagree, I'd strongly discourage everyone from doing this. Not necessarily that someone at google will be salivating over the fact that you've just given up your credit card and will shortly be going to the nearest Fry's to cash in (given their options, I imagine they could care less...), but rather because that same info will be going to google by way of any number of intermediaries in a completely unsecured, unencrypted form. Not that its a huge risk - the chance of someone who happens to be listening in to your particular transmission may well be low. Then again, it ain't rocket science to set up a filter to pick out certain number patterns in internet traffic. I guess the only point is, why take the chance in the first place?

  • Google Bookmarks
  • Digg
  • del.icio.us
  • Facebook
  • email
  • LinkedIn
  • Slashdot
  • Technorati
  • Live
  • Print
  • Reddit
  • StumbleUpon
  • Yahoo! Buzz
  • Twitter
  • FriendFeed
  • MSN Reporter
  • NewsVine
  • Posterous
  • SphereIt
  • Sphinn
  • Suggest to Techmeme via Twitter
  • Tumblr
  • Yahoo! Bookmarks

related:

  1. Kinderstart v. Google
  2. Of Search Engines and Competition (Part II)
  3. Of Search Engines and Competition
  4. Belgian Court Slaps Google News
  5. premature cuil punditing

from → Uncategorized

No comments yet

Leave a Reply

Note: You can use basic XHTML in your comments. Your email address will never be published.

Subscribe to this comment feed via RSS

Switch to our mobile site