No joke. I was just going to look at my order history so I could see if my 2021 Reverse Proof Set order went through on that end. But the US Mint website was like: "Oh you want to see your order info? Here ya go! Here is EVERYONE'S order info!"
Could you actually click on the order and see what they were? Seems like a pretty big flaw in their system. Exposing people's PII.
I didn't do it on purpose. I just wanted to see if my order went through so I clicked 'order status' and BOOM - ALLYOURORDERSAREBELONGTOME.
Just checked and fortunately I can say that clicking the order number did not show me any information. It just refreshed the page so I could see the list of orders again. I guess that’s not too big of a security issue if I can only see order numbers and prices paid along with the date. If it showed names, addresses or payment info like CC number I would report it immediately. After all, my own personal information is in their hands too.
Well in this case I just clicked “order status” and nothing more xD. If you can break something with just a mouse click you should work with the CIA.
Reminds me of a comic I saw at work one time. NSA and CIA are trying to get into a room with a code-locked door. NSA creates this crazy code to go through all kinds of things and be super stealthy to get the password to open the door without anyone knowing. CIA just takes a hammer and smashes the lock off.