African Buying Site Exposing Customers’ Personal Data to Third Parties

Bob Styran, IT audit expert
January 19, 2011 /

A local online buying site in South Africa has exposed personal details of its customers to third parties during the height of the presence of Google’s Groupon in the country.

Buying site WiCount found itself in hot water after technology blogger Christopher Mills said he received a zip file from WiCount containing full names of the buyers, their contact details and the amount they paid for different products. Another instance was the availability of public links leading to pages that display personal information of buyers.

WiCount is not the only buying site in South Africa, though, with competitors such as Twangoo acquired by Google to launch its Groupon product in the country, which is believed to have pressured the buying site to boost strategies to gain bigger market shares.

The local buying site operates at certain bracket of the number of customers being registered to buy their products, meaning they have to reach a minimum quota, after which customers will be receiving emails from the buying site regarding product updates and development.

WiCount allegedly contained links that direct to pages containing personal information of registered customers, exposing them to the possibility of becoming targets of telemarketing strategies of third-party advertising firms.

WiCount director Dan Palay watered down speculations of privacy breach, saying customers’ credit card information and other personal details remain safe from third parties. Palay said problems with their website hosting have caused the glitch.

The links in the buying site leading to a list of personal details have already been removed, but cached pages are still visible to any internet users using search engines, which means there is still the probability that personal information of registered customers could still raise security issues in the future.

 

Share your opinion