Security Breach in Outbrain?
Recently, I installed the Outbrain rating widget on my blog. Outbrain is a great tool that enables readers to rate each of your posts, and suggests relevant posts to them depending on their rating history. I'll write more about Outbrain in one of my upcoming posts, as it is one of my favorite widgets. But as I discovered today, Outbrain still has its flaws - and today I think I found a serious one.
Earlier today, when I checked entrances to my blog using my FEEDJIT widget, I saw I got an entrance from a URL in the Outbrain domain (www.outbrain.com). When I clicked that URL (as I often do, curious to see who's referring to my Blog), I saw that it was actually some kind of testing website of Outbrain, containing information about blogs that recently installed, updated, or uninstalled the Outbrain widget. Nothing extraordinary so far... However, by further browsing in the page, I found out that the site also contains some personal information, like registered users' e-mail addresses, or statistics which I think should remain only with the registered user, like how many outbrain clicks he got so far...
I won't expose the specific URL I'm talking about here, as I don't want to increase the potential damage from this security breach. I will however share a partial screenshot of the mentioned site (blacking out all personal data, of course).
On discovering this issue, I immediately contacted Outbrain's CEO and one of their support employees (with whom I'm familiar from previous support sessions). Past experience proved me that Outbrain's response is usually prompt and efficient, and this was also the case now - after approx. two minutes I got a response from the CEO, saying they're looking into the matter ASAP. I'll update this blog once I get an official response from them.
2 comments:
Hey - I'm Outbrain's CEO. Thanks for catching our glitch and notifying us about it. The report included details of a few of our installs yesterday, and did NOT include any other emails or any other personal information beyond that.
We've promptly fixed the glitch and apologize for it.
Thanks again for catching this and posting about it!
Yaron Galai (outbrain's CEO)
If you're looking for an excellent contextual advertising network, I suggest you take a look at Propeller Ads.
Post a Comment