Ticketmaster7 has been taken to task because of a security flaw on their web site, patched only in the last few days, which allowed anyone to look up other peoples’ personal information. They were using a simple url with a 4 digit code number at the end to display your details. All you had to do was change the code number and it would bring up someone else’s details.

As a web programmer this is about as simple a mistake you can make in security terms, and it’s extremely surprising, and worrying, that a company like Ticketmaster7 would let this happen. Normally a web site would use precuations such as a encrypted link, or a user id matched with a password, for these types of URL links.