Blippy Snafu Sends Advertising Agencies Warning
The data security debacle that landed consumer credit card data in Google search results and "raw transition data" in the HTML code on some Blippy pages should serve as a warning to the advertising industry as it becomes more entrenched in technology. Some traditional marketers don't fully understand the consequences.
For those who sign up for the service, Blippy shares purchases with friends. All of them. Blippy Co-founder and Chief Executive Officer Ashvin Kumar wrote in a blog post Monday that the company noticed the error as early as February, calling it a "technical oversight" that exposed data. Apparently, entering the search term "site:blippy.com + outstanding" into a Google query returned the credit card numbers and recent purchases of some Blippy members. "We incorrectly considered raw data fairly harmless," he wrote.
The Blippy's data breach demonstrates how easily a software coding error or poorly configured system can expose valuable and damaging data about a company and its clients, according to E.J. Hilbert, president of Epic Advertising's Online Intelligence Division.
Hilbert, who served as director of Security Enforcement for MySpace, and a cybercrime Special Agent for Federal Bureau of Investigation, says as soon as hackers discover a breach like Blippy, they do everything possible to gain other information from the breach, as well as determine the havoc they can wreak.
"Data that a company does not find valuable may, in fact, be incredibly valuable to someone else," Hilbert says. "Any company that collects data about clients, customers or employees needs to make sure they secure and protect that data as if the data was about the company CEO, president or other high-level executive prior to going live with their product."
Online Intelligence offers antifraud and anti-abuse services to parent company Epic Advertising. The unit looks at how Epic client's data is controlled, used, and pushed through and makes recommendations. The advice includes protecting the consumer data from clients, such as credit card data and personal information gathered during advertising email campaigns and promotions. Most agencies don't share enough client data with security firms to protect customer data and guard against click fraud.
Some companies are putting into play methods to protect data, but many aren't thinking that way, Hilbert says. "They don't realize the significance," he says. "Obviously, the FTC thinks it's significant. Ad agencies will need to find a way to protect the data."
In early 2000s, when major companies were getting hacked into and credit cards being stolen, Congress decided the payment card industry needed to develop a process to protect consumers. So they created PCI Compliance, a set of rules protecting the use of payment cards, who can use what data and how.
The most profitable use of hacking is spamming and advancing malware, but errors similar to the one that happened with Blippy will also rapidly become a lucrative business if companies don't pay more attention to protecting consumer data collected from advertisers or third-party aggregators. "Information is information, and if you're smart enough to know how to use it, the data becomes very important," Hilbert says.
Online Intelligence will launch in the next few weeks software that enables companies to spider the Web to identify the advertisement related to the independent marketers or affiliates that own it. Hilbert says the software will also identify spyware or malware, as well as provide services to advertisers or celebrities to protect brands.
Hilbert wants to educate others that support advertising agencies and clients because Online Intelligence can't protect them all. "Online advertising is mainstream; it's not something you play around in," he says. "Every major company needs to be in it. And being in it means you must protect your clients' data."
Recent Online Media Daily Articles
-
Vice, Twitter Partner For Mobile Show May 23, 2:14 p.m.
Simultaneously expanding its video and social strategy, Vice on Thursday unveiled #dailyvice -- a daily show ... -
MediaVest Database Charts Brand Experience, Social Media Impact May 23, 12:11 p.m.
After a year-long research effort, Publicis Groupe’s MediaVest has created a massive database designed to help ... -
Discovery Launches TestTube.com, Ups Digital Video Involvement May 23, 11:27 a.m.
Discovery Communications is looking to get into the digital video platforms in a big way -- ... -
Network Advertising Initiative Proposes New Mobile Privacy Rules May 22, 9:03 p.m.
Moving forward with its plan to issue mobile privacy rules, the self-regulatory group Network Advertising Initiative ... -
Entertainment, Travel Bet On Mobile Banners May 22, 4:16 p.m.
Banner ads have long been the whipping boy of online advertising, and the same is now ... -
Marketers Should Tailor Specific Pitches To Tablet, Smartphone May 22, 2:51 p.m.
Don’t lump tablets in with mobile. That’s the takeaway of a new Forrester study looking at ... -
Good TV Content Trumps All, Trad TV Or Streaming May 22, 2:42 p.m.
While consumers continue to perceive TV programming as superior in quality to that of online fare, ... -
Google Releases Self-Serve Display Benchmark Tool May 22, 2:02 p.m.
Understanding how a brand's online campaign competes with competitors requires trending benchmark data like engagement rates ... -
Twitter Brings Lead Generation To Tweets May 22, 1:14 p.m.
Twitter began testing a lead generation tool Wednesday in its tweet stream that resembles a cross ... -
DigitasLBi, Razorfish Tap Execs For Global Ops May 22, 11:26 a.m.
Publicis Groupe digital agencies DigitasLBi and Razorfish have installed new executives to run their respective international ...
Be the first to comment on "Blippy Snafu Sends Advertising Agencies Warning"
Leave a Comment