[ news_security_news ]
PayPal Customer Email Addresses Exposed
SecurityProNews
Staff Writer
2005-01-25
 Insider Reports RSS Feed
PayPal has reported that the email addresses of some customers were leaked onto the internet.
The leak happened at Benchmark Portal who is a third-party company that handles customer-survey e-mails. They say that a "limited number of user e-mail addresses" were exposed.
"We're working directly with those users whose e-mail addresses were exposed. We're informing them of the situation and warning them they may receive deceptive e-mails. We're encouraging them to contact us if they receive deceptive e-mails," said PayPal spokeswoman, Sara Bettencourt.
"First and last names are only kept on our own servers," she said. "All sensitive financial information resides on our servers, and none of that information was ever accessed."
According to a ZDNET article,
"The data leak was possible because of a flaw in the opt-out form provided by BenchmarkPortal, a provider of survey services. The form showed a customer's e-mail address to anyone who guessed BenchmarkPortal's survey ID for that customer. If an intruder guessed a valid ID number, the corresponding PayPal user e-mail address was returned."
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
