Remember back in January when we mentioned Blippy, the ridiculous social networking site that lets you tell the world about everything you buy? Turns out that it’s also a great way to tell the world your credit card numbers.
Earlier this year we talked a bit about Blippy. Simply put, it works like this: You create an account and attach your personal financial information to it, like your credit card numbers, and then whenever you make a purchase with one of your cards, it’s posted in a Twitter-like fashion to the Blippy site for all the world to see. Why would you want to do this? Because you’re a desperate attention whore with no sense of discretion, a point we covered in our original report.
Anyway, the past couple of days have been a classic good news/bad news scenario for Blippy. Good news: On April 22, the company announced in a New York Times story that it had raised $11 million in venture capital. Bad news: On April 23, somebody figured out that a whole lot of credit card numbers belonging to Blippy users had been plastered all over the internet and were just waiting to be dug up by anyone with a working knowledge of how to spell “Google.”
That, as my dad likes to say, is not good news. Not for the cardholders and certainly not for Blippy, which will no doubt find itself exposed to no end of legal unpleasantness as a result of this oddly hilarious oversight. A lawyer who spoke anonymously to VentureBeat said the company needs to brace not just for an onslaught of angry customers but also for the U.S. government, since it may have failed to comply with FTC rules on protecting customer privacy.
“Noncompliance could open a company up to an FTC law enforcement action, including civil penalties and injunctive relief,” the lawyer said. That could mean anything from hefty fines to being forced to close down. Blippy seems to have put a lid on most if not all of the rogue information, but don’t worry: At least one public forum has posted lists of the numbers, along with cardholder names, and they’re not bothering to redact anything.
One final kick in the junk: Because it’s now public knowledge that Blippy has more than $11 million kicking around, VentureBeat said “the odds are higher than before that lawyers will look for ways to sue.” Boy, that’s the kind of bad luck and crappy timing you just don’t see every day.
