Nando's Firestarters website exposes user data

[supersunbird]

Very stupid.

https://www.businessinsider.co.za/n...-website-data-leak-consumers-fast-food-2019-7



Do they even know how web crawling work? Blamed the user, terrible practice.

This calls for:

 

[¯\_(ツ)_/¯]

What's mindblowing is that financial institutions are so far behind the curve - they can't even offer you a second factor of authentication of banking details - all they need do is tie a bank account name to the number, you'd think that's an easy task... the fact that you don't need both account name and number to transfer a million bucks is scary... it's pure negligence on the part of banks.

https://www.bbc.com/news/business-45900955

Luckily there are new initiatives afoot to address these mess that is South Africa.

We also need to remember the main BEC actors are West African. Add our porous borders ... wattamess!

 

[j4ck455]

So Nandos is seriously trying to blame *insert search engine name here* for crawling and caching a page that contained cleartext user data that should not have been stored on Nandos server?

 

[Fulcrum29]

So Nandos is seriously trying to blame *insert search engine name here* for crawling and caching a page that contained cleartext user data that should not have been stored on Nandos server?

The question is why that text was still visible, publicly. There is a bit more to it than Google, it is possibly also indexed by other crawlers and that the ‘old’ page was already cached prior to being cached by Google (and possibly by others).

System error, human error, which causes which? Them blaming it on user error.

 

[Sarg3_ZN]

 

[Happy Days]

Leadership issues. Let's start there.

Agreed, and no will to do anything about it for the most part. Same bunch of useless corrupt idiots being shuffled into different posts while the good gets targeted.

 

[¯\_(ツ)_/¯]

Agreed, and no will to do anything about it for the most part. Same bunch of useless corrupt idiots being shuffled into different posts while the good gets targeted.

Exactly that. They have some good people that are extremely competent. But they are sidelined and leave.

 

[Swa]

So they are blaming google without addressing how google managed to get access to a page with the user details? Still sounds like a breach occurred to me. Not a stretch to conclude that it's set up so search engines can have access as I see many sites where access to content is restricted but it's available in google cache. But why specific users?