Home / Software & Gaming / Security / WHSmith data gaff sends form details to entire mailing list

WHSmith data gaff sends form details to entire mailing list

When you fill in a form on a website, you expect that information to go straight to the company who owns the site (and the NSA), not its entire mailing list of customers. But that's exactly what happened recently with WHSmith's site, which had a misconfigured “contact us” form on its main site, that sent all provided data right through to everyone who's ever bought something from the company.

whtwitter

“We have been alerted to a systems processing bug by I-subscribe, who manage our magazine subscriptions. It is a bug not a data breach,” WHSmith clarified in a chat with the Guardian. “We believe that this has impacted fewer than 40 customers who left a message on the ‘Contact Us’ page where this bug was identified, that has resulted in some customers receiving e mails this morning that have been misdirected in error.”

While the retailer eventually took the problematic form down, before that happened the problem was only compounded when people began using the WHSmith site to try and inform the company of the problem, only for that information to then be sent on to everyone, including personal details like usernames, email addresses, full names and in some cases even telephone numbers.

While some people were quick to point out the mistake to the company, others took it in their stride and enjoyed the easy access to such a large audience.

https://twitter.com/EmilyWillson1/status/639003939824926720

With the form now removed, WHSmith believes ‘only' around 40 people were affected, but has not responded further to requests about the breach.

KitGuru Says: Bit of a gaff, but good to see that WHSmith responded swiftly to the problem.

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems. 

2 comments

  1. What so our government is allowing a foreign governments Security service to read our emails lol

  2. JOBs AT  HOME SPECIAL REPORT………After earning an average of 19952 Dollars monthly,I’m finally getting 98 Dollars an hour,just working 4-5 hours daily online….It’s time to take some action and you can join it too.It is simple,dedicated and easy way to get rich.Three weeks from now you will wishyou have started today – I promise!….HERE I STARTED-TAKE A LOOK AT….md……

    ➤➤➤➤ http://googleonlineemploymentscareersprimework/start/earning/…. ⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛⚛