Moonpig customers' personal details exposed in "simple API flaw" in Android mobile app

clock

"There's no authentication at all," blast security specialists as Moonpig takes down its mobile apps

Moonpig, the popular greetings card and gifts website, has had the accounts of three million users compromised after an attack on the company's website by hacking group "p0wned". The attack, acc...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Android password managers vulnerable to 'AutoSpill' attack, researchers warn

Threats and Risks

Android password managers vulnerable to 'AutoSpill' attack, researchers warn

Exploits a weakness in autofill functionality

clock 11 December 2023 • 2 min read
WhatsApp exploits commanding multi-million prices

Hacking

WhatsApp exploits commanding multi-million prices

Security advances have made hacking an expensive endeavour.

clock 06 October 2023 • 2 min read
NSO's Pegasus spyware used to hack exiled Russian journalist

Hacking

NSO's Pegasus spyware used to hack exiled Russian journalist

Galina Timchenko led a media outlet Moscow declared ‘undesirable’

clock 14 September 2023 • 2 min read
Author spotlight

Graeme Burton

View profile
More from Graeme Burton

Peter Cochrane: Coronavirus as a change agent

Microsoft to migrate Office 365 Personal and Home users to Microsoft 365

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Security

Met police disrupt LabHost scam-as-a-service website
Security

Met police disrupt LabHost scam-as-a-service website

Dozens arrested globally and thousands sent warnings

Penny Horwood
Penny Horwood
clock 18 April 2024 • 3 min read
Last chance to register for Cybersecurity Festival 2024
Security

Last chance to register for Cybersecurity Festival 2024

Book your free place today

Computing Staff
clock 18 April 2024 • 2 min read
Interview: Illumio, Security Excellence Awards finalist
Security

Interview: Illumio, Security Excellence Awards finalist

'We are one team, delivering one platform, on one mission to ensure that organisations can realise a future without any high-profile breaches'

Computing Staff
clock 17 April 2024 • 5 min read