Moonpig customers' personal details exposed in "simple API flaw" in Android mobile app

clock

"There's no authentication at all," blast security specialists as Moonpig takes down its mobile apps

Moonpig, the popular greetings card and gifts website, has had the accounts of three million users compromised after an attack on the company's website by hacking group "p0wned". The attack, acc...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Android password managers vulnerable to 'AutoSpill' attack, researchers warn

Threats and Risks

Android password managers vulnerable to 'AutoSpill' attack, researchers warn

Exploits a weakness in autofill functionality

clock 11 December 2023 • 2 min read
WhatsApp exploits commanding multi-million prices

Hacking

WhatsApp exploits commanding multi-million prices

Security advances have made hacking an expensive endeavour.

clock 06 October 2023 • 2 min read
NSO's Pegasus spyware used to hack exiled Russian journalist

Hacking

NSO's Pegasus spyware used to hack exiled Russian journalist

Galina Timchenko led a media outlet Moscow declared ‘undesirable’

clock 14 September 2023 • 2 min read
Author spotlight

Graeme Burton

View profile
More from Graeme Burton

Peter Cochrane: Coronavirus as a change agent

Microsoft to migrate Office 365 Personal and Home users to Microsoft 365

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Security

Interview: lllumio, Security Excellence Awards Finalist
Security

Interview: lllumio, Security Excellence Awards Finalist

'Zero-trust segmentation is a foundational capability of any zero-trust strategy

Computing Staff
clock 30 April 2024 • 1 min read
Interview: Zerto, Security Excellence Awards finalist
Security

Interview: Zerto, Security Excellence Awards finalist

'We laser focus on disaster recovery, ransomware resilience and multi-cloud mobility'

Computing Staff
clock 29 April 2024 • 4 min read
BlueVoyant chooses Leeds for new Security Operations Centre
Security

BlueVoyant chooses Leeds for new Security Operations Centre

The new SOC will boost customer compliance with regulations like NIS2 and DORA

Penny Horwood
Penny Horwood
clock 25 April 2024 • 4 min read