Monday, March 23, 2009

Stolen information left in Google Cache

| Brett D. Arion |
According to recent accounts, an abandoned fraud site's payload of 20,000 plus credit cards ended up getting discovered in Goggle Cache pages. The site which was registered from within Vietnam included all of the information for the cards listed including the credit card number, expiration dates, and the names and addresses of the account holders. The cards were from major issuers such as Visa, Master Card, American Express, Solo, and Delta. According to some, the information was still available as of yesterday.

Google or any search engine that caches information is bound to hold this type of information. A well-formed query will quickly turn up such information in any search site, with Google ultimately holding the easiest ways to query site information (IMHO of course). A simply query I just did as I was posting this revealed some2680 results with many of the results having the same information listed here, or dumps for sale giving such information. The sites range anywhere from forums that have nothing to do with this information, to personal web pages.

You can see the original post on Slashdot by clicking here, but my question to all of you is how is this perceived as a Google issue? Should the blame be more focused on the hosting provider? Would the information have still been there when the next customer received the server image?

Free Security Magazines