McDonald's leaks password for Monopoly VIP database to winners

Bleeping Computer -

A bug in the McDonald’s Monopoly VIP game in the United Kingdom caused the login names and passwords for the game’s database to be sent to all winners.

After skipping a year due to COVID-19, McDonald’s UK launched their popular Monopoly VIP game on August 25th, where customers can enter codes found on purchase food items for a chance to win a prize. These prizes include £100,000 in cash, an Ibiza villa or UK getaway holiday, Lay-Z Spa hot tubs, and more.

Unfortunately, the game hit a snag over the weekend after a bug caused the user name and passwords for both the production and staging database servers to be in prize redemption emails sent to prize winners.

An unredacted screenshot of the email sent to prize winners was shared with BleepingComputer by Troy Hunt that shows an exception error, including sensitive information for the web application.

This information included hostnames

The post McDonald's leaks password for Monopoly VIP database to winners first appeared first on Bleeping Computer.

Read More.....

Tags: