Jan Vermeulen of MyBroadband reports:
First National Bank’s online card tracking facility exposed the names, ID numbers, phone numbers, and delivery addresses of clients to anyone who knows what the reference number for the tracking service looks like.
These reference numbers are sequential, so if you know one it is very easy to guess others and, in that way, see the personal information of other FNB clients who got credit, cheque, and other cards with an expiry date from the bank.
MyBroadband was alerted to the issue by a concerned reader who said they reported the issue to FNB in July, but had received no feedback on their complaint.
Read more on Moneyweb Today. The bank wound up disabling the courier’s tracking feature on its site to remove personal information.