Sorry, but this blog post indicates that Blippy is in no way serious about security. Blippy handled sensitive data (credit card numbers) in a highly insecure fashion, and rather than treating it like a full-scale emergency, which it is, regardless of the number of people affected, we get this "hey, it's no big deal" blog post.
What other massive security mistakes are lying around in their codebase? Why does this sort of reply give me absolutely no faith that they'll deal with those problems seriously when/if they arise?
What other massive security mistakes are lying around in their codebase? Why does this sort of reply give me absolutely no faith that they'll deal with those problems seriously when/if they arise?