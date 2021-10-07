Pen Test Partners shared the news that BrewDog exposed the details of more than 200,000' Equity for Punks' shareholders for over 18 months, along with many more customers. During this time, every mobile app user was given the same hard-coded API Bearer Token, rendering request authorization useless and making it possible for any user to access any other user's PII, shareholding, bar discount, and more. BrewDog did not inform shareholders or customers of this breach of privacy until too much time had passed.

ECONOMY ・ 1 DAY AGO