Less than one week after Ben Grubb reported privacy concerns or the potential for abuse of a new mobile app, he reports that there’s been a breach:
Westfield’s new mobile app has been caught leaking customers’ car number plate data on to the public internet, allowing for “anyone with the knowhow” to monitor when cars entered and exited its Bondi Junction shopping centre car park.
Sydney software architect Troy Hunt discovered the leak and posted about it on his blog yesterday, saying the hole could have potentially been used by stalkers, a suspicious husband tracking his wife, an aggrieved driver holding a grudge from a nearby road rage incident and a car thief with their eye on a particular vehicle.
Shortly after his blog was posted Westfield and the developer of the app’s technology, Park Assist, closed the hole.
Read more on The Age.