[Deleted] joins the crowd of companies who fail to take online security seriously. I would never have believed this unless I witnessed it myself, but my friend Paul showed me this yesterday. Unbelievable.
From Paul English:
Hackers take notice: if you want to get access to any [deleted] credit card account online, just go to the sucky [deleted] link here, enter the 16 digit credit card number as the user id, and then enter [deleted] as the password.
* You found a security hole. Now what? (2012-12-11)
https://freedom-to-tinker.com/blog/felten/you-found-a-security-hole-now-what/
In the spirit of full disclosure, Paul English is/was a client of Clock Tower Law Group and is mentioned and/or linked in this article.