Yahoo fixes Flickr invitation bug that leaked real names and email addresses

      Comments Off on Yahoo fixes Flickr invitation bug that leaked real names and email addresses

00ea3b10-48a3-4b6b-83c0-d18d3d6fb234-460x276Yahoo has closed a months-old bug that let anyone access the name, email and message sent by Flickr users who invited friends to join the photo sharing service.

But the web company was criticised for acting too slowly after the bug was brought to its attention. Its staff initially suggested that the system was “working as designed” when the flaw was pointed out.

The privacy hole exposed the entire contents of the private invitations. But Yahoo engineers originally dismissed concerns, suggesting that the system was part of the invitation resend function, and insisting that “sensitive data” was not being made available.

See the full story on theguardian.com

Share