Summary:

MemoryToGo’s customer database is exposed to the world, allowing for all sorts of mischief.

With the recent leaks of consumer information from ChoicePoint and Lexis-Nexis, identity theft is a front-page concern. How is this related to Apple and Macintoshes?

Long-time Mac memory vendor Memory to Go appears to be running their online store in a horribly insecure fashion. It’s unclear at this time whether the lack of encryption is the only problem or if the individual order status pages can be accessed by changing an ID number in the URL, as has been done elsewhere.

This is utterly unbelievable, and both Memory to Go and the credit card company insist that it’s the other’s problem, leaving the cardholder out in the cold with his data available for anyone to see.

Lesson to be learned: never buy anything online unless the site uses https.

Comments have been disabled for this post