Ticketmaster Criticised for Security Flaw

Ticketmaster7 has been taken to task because of a security flaw on their web site, patched only in the last few days, which allowed anyone to look up other peoples’ personal information. They were using a simple url with a 4 digit code number at the end to display your details. All you had to do was change the code number and it would bring up someone else’s details.

As a web programmer this is about as simple a mistake you can make in security terms, and it’s extremely surprising, and worrying, that a company like Ticketmaster7 would let this happen. Normally a web site would use precuations such as a encrypted link, or a user id matched with a password, for these types of URL links.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s