Former Foreign Minister Boris Johnson is seen as the bookmaker's favorite to succeed outgoing Prime Minister Theresa May.Europe Politicsread more
An analyst for Ark Invest, which has a major investment in Tesla, says recent drastic price-target cuts by others on Wall Street are missing the big picture.Investingread more
Rep. Chip Roy, R-Texas, has objected to a $19.1 billion disaster relief bill that was expected to pass unanimously Friday. The bill is likely to next be considered when...Politicsread more
The markets have been slow to recognize the high-stakes game that's playing out on the world stage.Economyread more
One of the biggest Chinese chipmakers is delisting from the New York Stock Exchange amid the trade war, but the company said the decision is not related to the intensifying...Marketsread more
President Donald Trump, his businesses and members of his family on Friday appealed a federal judge's decision that Deutsche Bank and Capital One can turn over years of...Politicsread more
Facebook's founder Mark Zuckerberg has held talks with the Winklevoss twins, his old rivals, about the social media giant's developing digital currency, the Financial Times...Bitcoinread more
May had failed to win a parliamentary majority on Britain's withdrawal from the European Union.Europe Politicsread more
The Trump administration proposed Friday to roll back health-care protections for transgender people by ending an Obama-era policy that prohibited health providers from...Health and Scienceread more
Sears opens its first Home & Life stores and plans to open more as it looks for a fresh start after bankruptcy.Retailread more
Analyst Michael Olson says he has "a high degree of confidence" that Amazon shares can reach the level without "significant changes to the business."Investingread more
Personal details, including credit card information, of the mobile customers of greetings card company Moonpig have been exposed to hackers for over a year, a developer has claimed.
A security flaw in the company's app – which lets people design and send custom cards and gifts – enables hackers to intercept personal information sent by users to Moonpig's main servers, according to a blog post by Paul Price, who describes himself as a developer on his website. Cybercriminals could even place a product order through another user's account, he claimed.
Moonpig, which is owned by UK-based Photobox, said customers' information was not at risk, but it had closed down the app and was investigating the claims.
"We can assure our customers that all password and payment information is and has always been safe," the company said in a statement.
Price claimed to have told Moonpig about the app's vulnerability on August 18 2013, and the company said it would "get right on it." Price then followed up on September 26, 2014 and Moonpig said the issue would be resolved around Christmas. After nothing was done, Price said he decided to reveal the flaw.
The security loophole was found in the Application Programming Interface (API), which allows Moonpig's mobile apps to communicate with its main servers. The information transferred via the API – such as personal details – was not securely encrypted, according to Price, allowing him to intercept the communication.
The developer's post also showed that a hacker could get the last four digits of a user's credit card, but not the whole card number.
Moonpig's Android app has been taken offline following the report. The desktop and mobile websites were unaffected.
One security expert said it would be hard for a hacker to steal full payment information through the flaw, but warned that personal data could be collected and used for other scams, such as an email phishing attack. This is when an email with a malicious link is sent to a user.
"You can't get a password, you can't change a password and can't get full credit card information," EJ Hilbert, head of cyber investigations at Kroll EMEA and former FBI agent, told CNBC by phone.
"Could you hack into accounts? No. Could you use that information for other scams? Yes."