"Curzon cinema has admitted a major app failure that left dozens of customers' personal details exposed to complete strangers. The upmarket cinema chain which runs 10 venues across London plus its Curzon Home Cinema streaming service said the error meant other users could see people's names, emails, phone numbers, dates of birth, profile photos and membership tiers. In some cases, even the last four digits of saved bank cards were visible."
"The blunder, caused by a technical configuration error, ran from November 25 to December 2 and hit customers using the iPhone app across both cinemas and the streaming platform. Jake Garriock, Curzon's Director of Publicity, said the firm believes "less than 50 people were affected" based on complaints received so far. He added that the Information Commissioner's Office hasn't asked for more information since Curzon flagged the breach on December 1. "We've kept them updated throughout the process," he said."
An app configuration error at Curzon exposed some customers' personal details to other users between 25 November and 2 December. Exposed fields included names, emails, phone numbers, dates of birth, profile photos, membership tiers and, in some cases, the last four digits of saved bank cards. The issue affected users of the iPhone app across cinema venues and the Curzon Home Cinema streaming platform. Curzon stated that no one was ever logged into another member's account, no full card details were shown, and purchases and log-ins remained tied to the correct member. A caching bypass rule was implemented on 2 December and the incident was reported to the ICO.
Read at www.standard.co.uk
Unable to calculate read time
Collection
[
|
...
]