Is revealing user info?

On February 7, a site reader alerted me to a possible problem over on

Look at the description directory – it reveals all the PII when there is some in the descriptor.

After looking at the description directory, I found myself wondering about whether some of the entries were, in fact, disclosing some PII.  Instead of just posting the submitter’s comment at the time, I withheld publication to give the site a chance to explain or correct any problems.

I have written to three times since February 7 – through their site contact form and through email to Support – to ask them about the suspect descriptions. I have gotten no response.

As much as I am loathe to point people to exposed data, their failure to respond at all leaves me little choice but to warn this site’s readers that using their site could be risky.

Thanks to the reader who alerted me to the problem. And if would like to respond to the concerns, I’ll be happy to post their response or explanation.

About the author: Dissent

Comments are closed.