Blippy Triggers “Nightmare Scenario” by Accidentally Publishing Credit Card Numbers

In April 2010, Blippy users shared more than they bargained for when a Blippy security flaw turned into a “nightmare scenario” by revealing some users’ credit card numbers in search engine results. News of the breach traveled like wildfire and the mood at the startup “quickly went from elation to disbelief to disappointment.” Although the company apologized for its mistakes, fixed the problem, hired a Chief Security Officer, and began conducting security audits to prevent future incidents, for many users it was too late. The incident “tainted the service with an aura of mistrust” leading many users to “rush to delete their accounts.”