AU: Website glitch exposes Dodo customer details
Ben Grubb reports:
A security flaw exposed up to 500 Dodo Power & Gas customer statements on its website on Friday.
Details included customer names, addresses, power usage details and account numbers.
The flaw was revealed when a Dodo customer contacted Fairfax to say she was able to change the randomly generated eight-digit number of her statement’s URL on the Dodo Power & Gas website to another, similar one to see other customers’ statements.
Read more on WAtoday.