Stolen credit cards exposed on Google- report
Credit card information of 19,000 British Web surfers was exposed on Google search before being removed, according to a report this weekend.
It is unclear exactly when and for how long the information was available to Google searchers, although most of the cards had been canceled, The Telegraph reported the UK payments association APACS as saying. Visible were names, addresses, and credit card data for thousands of people.
Originally, the data was posted on an unsecured server in Vietnam used by criminal gangs that was closed in February, the newspaper said. However, the "cached" version of it on Google remained.
Google offers tools that allow webmasters to make sure content is not cached or is removed. Apparently, whoever leaked the data didn't use those tools.
"Please keep in mind that search engines are a reflection of the content and information that is available on the Internet. Search engines such as Google do not own this content, and do not have the ability to remove content directly from the Internet," a Google spokesman said in a statement.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 





Google is the one who is giving the information to the world and telling them "oh its down, but here's a copy we made". They should be on the hook for it!
Google, while it is not exactly their fault, they bear some responsibility for several reasons.
1. The specialized searches such as intitle:index.of passwd passwd.bak expose systems not set up properly, but these searches are rarely useful for legit queries.
2. Google is not the only one at fault here, but it shows that indexing should be opt-in. robots.txt is an opt out tool, but most, if not all search engines unethically scan everything it can unless told otherwise. This problem of easily obtaining passwords would go away if Google wasn't so damn evil. Of course, this doesn't address the problem of people running web servers without knowing what they are doing.
- by mssoot March 31, 2009 8:59 AM PDT
- Glad to hear google is concerned about the problem and willing to step up and take resposibility or at least step up and try to prevent it in the future from happening again. Great job Google. I doubt the judge will see it the same way after the suit gets filed
- Like this Reply to this comment
-
(4 Comments)