GalleyCat AppData PageData SocialTimes AllFacebook AllTwitter LostRemote 10,000 Words FishbowlNY FishbowlDC TVNewser TVSpy AgencySpy PRNewser

I Hope You Don’t Have a Borders Rewards Card

Up until Monday night, anyone could have gone on the web and messed with your account.

About 3 days ago one Borders employee decided to share with the world that the Borders Reward website was open to the web. Anyone who  knew the address could have searched for an account and edited any of the information. No, seriously, it used to be right here. I saw it. I even went in and changed details on my Borders Rewards account (I get the teacher discount now).

Are you freaked out yet? You should be. The site is down now, but no one knows how long this security breach has been open. But my guess is that it’s been open ever since the site was launched. Borders was probably relying on security through obscurity. So long as no one knew about it (besides the vast numbers of Borders employees), it was safe.

I heard about this site on Saturday, and I held the story. I was waiting for a friend to tell me if he thought it could be hacked. I never did get an answer, unfortunately.  It would have been interesting to find out if he could have messed with the database (not just one entry). But the site is down now, so it doesn’t matter.

image by chelmsfordblue

Mediabistro Course

Freelancing 101 Online Boot Camp

Freelancing 101Starting April 28, this online event will show you the best way to start your freelancing career, from the first steps of self-advertising and marketing, to building your schedule and managing clients. By the end of this online boot camp you will have a plan for making a profitable career as a freelancer, and the skill set to devote yourself to it. Register now!