(medium.com)

1121 points alokedesai | 1 comments | 28 Oct 15 19:51 UTC | HN request time: 0.208s | source

Show context

throwaway13337 ◴[28 Oct 15 21:47 UTC] No.10467670[source]▶

From what I gather from the other comments, it looks like most likely Homejoy's liquidator (Nortonsgroup) has sold Homejoy's user data to Homeaglow.

Homeaglow copied and rebranded their own tech as Fly Maids to service this user list.

replies(4): >>10467820 #>>10467905 #>>10467906 #>>10468928 #

nacs ◴[28 Oct 15 22:36 UTC] No.10467905[source]▶

>>10467670 #

> has sold Homejoy's user data to Homeaglow

Sold it with credit card numbers attached though?

That sounds awfully.. illegal even for a liquidation.

replies(2): >>10467970 #>>10468171 #

1. dguaraglia ◴[28 Oct 15 23:33 UTC] No.10468171[source]▶

>>10467905 #

They probably just exported a database of credit card tokens into a PCI-compliant system (Stripe, Braintree or the like.) The motives and method are equally shitty, but at least get some solace in assuming that your credit card number is just not out in the open.

Now... how secure this transfer of tokens was, no idea. So there could be a DB dump somewhere with a token to my credit card, and anyone can use it to start charging from it. I'll keep an eye on my bills.

↑

Didn’t Homejoy Shut Down?