Threat Post -
Usernames, passwords for database sent in prize redemption emails.
McDonald’s UK Monopoly VIP game kicked off at the end of August, and a recent round of emails sent to winners of the game’s various prizes included more than a coupon for free fries. The franchise accidentally inserted passwords for a McDonald’s server that hosted information tied to the UK Monopoly VIP game.
In the wrong hands, these credentials could have been abused to rip off players or cheat the game on a massive scale, according to experts. The gaff was spotted by researcher Troy Hunt, along with some tech-savvy winners who realized what they had.
McDonald’s said it quickly changed the server passwords when it the error was brought to its attention.
Human error, warn cybersecurity experts, is nearly impossible to mitigate against, Mohit Tiwari, CEO of Symmetry Systems told Threatpost. He said the incident should
The post McDonald’s Email Blast Includes Password to Monopoly Game Database originally appeared on Threat Post.