A series of gaffes at Blippy, Google, and a Midwest bank exposed the credit card numbers of four individuals within Google search results for more than two months. Friday was easily the worst day in the history of Blippy, a young start-up that enables people to create social networks around sharing information on goods and services they buy.
VentureBeat discovered that credit card numbers of four Blippy users could be found in Google's search index, and it published its findings in a story, forcing the start-up's three founders to scramble to repair the damage and get the numbers removed from Google's search index.

Blippy acknowledged that it should not have exposed raw data containing credit card numbers to the Internet in February, when it was working on the site. But Google confirmed that its search bots should have noticed that Blippy had removed that raw data promptly when its crawling technology made its next pass across Blippy's site, which may have never happened.

A Google representative said the company was looking into why its technology did not update its cache of Blippy's pages for more than two months, declining to comment further.

The problem began when Blippy made a few changes to its Web site code in early February, inadvertently exposing the raw data that banks send to the service when a credit card user makes a purchase. That data usually includes innocuous data such as time, date, amount, and location of the purchase, and Blippy realized that it needed to scrub that data from its site when it discovered that confirmation numbers for airline tickets were exposed.

The link for this article located at CNET is no longer available.