Supermarket giant decides it's time to act... but not apologise (about the credit card blunder or the adverts with fat-tongued mockney chef Jamie Oliver)...
By Sally Watson
Published: 26 October 2001 15:55 GMT
Sainsbury's has promised to beef up its website security after its new home shopping service left credit card details exposed online.
The supermarket giant was left with egg on its face after silicon.com revealed that a design flaw in its SainsburysToYou service meant users could re-access account details by simply using the 'back' button on their web browsers.
At the time Sainsbury's advised users to close their browsers after visiting the site, recommending this action "for any site where you are providing personal details as many secure sites also operate in this way".
Sainsbury's site promised customers could "rest assured" that shopping was safe and transactions protected. "Any page containing your personal details, passwords or payment details is delivered using 128 bit secure socket layer encryption," it said.
But a basic coding mistake meant secure information was not cleared from its pages.
Now the company has admitted its fault and a spokeswoman told silicon.com: "Work is being undertaken at present to resolve this and we expect it to be completed very shortly."
While they're working on it, the development team at Sainsbury's might like to take a closer look at their postcode database. According to website auditors Business2www the information is at least a year out of date - recognising some codes which the Post Office has now scrapped, but not new ones brought in last year.
Claims by the supermarket that its site is only a pilot and has not yet officially launched have angered customers, because the site at www.sainsburystoyou.com makes no mention that it is still under development and allows them full access to its services.
this is the to develop your career with a company that counts Barclays, PayPal, PwC, Sony, O2 and Sainsbury? To apply for the role of Creative Web ...
Visio/Illustrator/Photoshop and developing your designs using CSS and HTML The person we're looking for has: - A strong portfolio of interactive web ...
Essential skills & experience: * CISSP or similar security certification, * 3+ years experience as a System Engineer with expert knowledge of two or ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy