Nearly 200 credit card transactions shared on social networking site Blippy have been exposed - with full credit card numbers included - in Google search results, according to Mashable.
Mashable reader Trey Copeland wrote to the Web news serive with a link to results for the search: site:blippy.com +"from card".
Search returns appear to highlight debit and credit card transactions with the amount spent, the specific location and the full card number.
Given the apparent breach, Mashable suggests that Blippy users who have authorised the site to access their debit or credit transactions take immediate action to revoke access.
In a statement, the company tries to downplay the incident: "We take security seriously and want to assure Blippy users that this was an isolated incident from many months ago in our beta test, and doesn't affect current users. While it looks super-scary and certainly sucks for those few people who were affected, and is embarrassing to us, it's a lot less bad than it looks."
The firm says it intends to introduce third-party security audits, and promises to be "a lot more careful before new features are released, even if it's during a small, limited beta test period".
Blippy went public in January enabling users to link a card, as well as accounts at outlets like iTunes and Amazon, to the Blippy site, which then automatically provides a Twitter-style stream of purchases.
The start-up recently completed an $11.2 million funding round, giving the Palo Alto, California company a post-money valuation of $46.2 million
Blippy users credit card numbers exposed in Google search results - Mashable