{"id":63384,"date":"2012-10-29T16:11:29","date_gmt":"2012-10-29T14:11:29","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=63384"},"modified":"2012-10-30T08:05:13","modified_gmt":"2012-10-30T06:05:13","slug":"gauteng-com-exposing-user-e-mails-phone-numbers","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/63384-gauteng-com-exposing-user-e-mails-phone-numbers.html","title":{"rendered":"Gauteng.com exposing user e-mails, phone numbers"},"content":{"rendered":"<p>Gauteng.com, a tourism portal run by <a title=\"Intoweb\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/478438-Intoweb\">Intoweb<\/a>, had a publicly accessible URL that displays the details of every request for information, quote, or booking made through the site dating back to 17 April 2007.<\/p>\n<p>Details such as the name, e-mail address, and telephone number of the person requesting information are exposed.<\/p>\n<p>The information appears to have been indexed by <a title=\"Google\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/314567-Google\">Google<\/a>.<\/p>\n<p>Other information shown at the link includes the venue about which the request was made, the date the request was sent, and the message users sent through the site.<\/p>\n<p>Four buttons are also shown next to each request for information, such as delete and reply. The functioning of these buttons was not tested.<\/p>\n<div id=\"attachment_63386\" style=\"width: 610px\" class=\"wp-caption aligncenter\"><a  data-lightbox=\"post-image\" href=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2012\/10\/Gauteng.com-privacy-issue-censored.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-63386\" class=\" wp-image-63386  \" title=\"Gauteng.com privacy issue censored\" src=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2012\/10\/Gauteng.com-privacy-issue-censored.jpg\" alt=\"Gauteng.com privacy issue\" width=\"600\" height=\"517\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2012\/10\/Gauteng.com-privacy-issue-censored.jpg 1134w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2012\/10\/Gauteng.com-privacy-issue-censored-87x75.jpg 87w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2012\/10\/Gauteng.com-privacy-issue-censored-162x140.jpg 162w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2012\/10\/Gauteng.com-privacy-issue-censored-250x215.jpg 250w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><p id=\"caption-attachment-63386\" class=\"wp-caption-text\">Gauteng.com privacy issue<\/p><\/div>\n<p>Following a request for comment to Intoweb the page no longer appears to be public.<\/p>\n<p>Intoweb MD <a title=\"Darren Harris\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/478440-Darren-Harris\">Darren Harris<\/a> said that the page is not supposed to be accessible to the public, adding that they have protected it.<\/p>\n<p>\u201cIt probably happened when we moved the site from an older server to a new server,\u201d Harris said<\/p>\n<p><em>Thanks to Anonymous for the tip<\/em><\/p>\n<h3 class=\"my-4\">Related articles<\/h3>\n<p><a title=\"Worst passwords of 2012\" href=\"http:\/\/mybroadband.co.za\/news\/security\/62952-worst-passwords-of-2012.html\"><strong>Worst passwords of 2012<\/strong><\/a><\/p>\n<p><a title=\"Fraud control at Standard Bank raises suspicions\" href=\"http:\/\/mybroadband.co.za\/news\/security\/63062-fraud-control-at-standard-bank-raises-suspicions.html\"><strong>Fraud control at Standard Bank raises suspicions<\/strong><\/a><\/p>\n<p><a title=\"Cybercrime costs SA billions\" href=\"http:\/\/mybroadband.co.za\/news\/security\/62998-cybercrime-costs-sa-billions.html\"><strong>Cybercrime costs SA billions<\/strong><\/a><\/p>\n<p><a title=\"Android vulnerability\" href=\"http:\/\/mybroadband.co.za\/news\/security\/60998-android-vulnerability.html\"><strong>Android vulnerability<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A tourism portal run by Intoweb is exposing the personal information users have submitted using the site<\/p>\n","protected":false},"author":15,"featured_media":59307,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sma_x_autopost_status":"idle","_sma_x_autopost_error":"","_sma_x_post_id":"","_sma_x_attempts":0,"footnotes":""},"categories":[27],"tags":[16474,35,16472],"class_list":["post-63384","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-darren-harris","tag-headline","tag-intoweb"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/63384"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=63384"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/63384\/revisions"}],"predecessor-version":[{"id":63388,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/63384\/revisions\/63388"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/59307"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=63384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=63384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=63384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}