WEB development and search engine optimisation specialist Mark Edwards, from Coast company iEnhance, has urged businesses to immediately review the security of their websites.
He recently took on a client that had lost its Google ranking and had problems with programmers.
Mr Edwards noticed some shocking gaps in security when he took a closer look at the site.
“We found we could access the personal details of customers, by simply changing some fields in the URL string.
“More frightening was that we could also hack into our client’s other websites simply by changing a very small part of the URL.
“Any school kid would know how to do this sort of thing, it is not complex hacking.
“With this access, we were quickly able to access my client’s financial information, as well as business history (and their clients’ information).”
Mr Edwards said the important thing to note was just as he could access this information so easily, so could Google.
“My client was extremely fortunate that Google had not indexed the “private” parts of the site, and had not published all of the details.
“The costs involved in breaching privacy like this would be enough to have put our client out of business very very quickly. It absolutely infuriates me to know that people are having their businesses put at risk due to people not understanding the ramifications of their incompetent actions.”
Mr Edwards said you should do your homework and ask for references when you are getting someone new to work on any part of your business.