An online payment system owned by PayPal has security problems? Say it ain’t so! Millions of Venmo transactions scraped in warning over privacy settings.
“There’s truly no reason to have this API open to unauthenticated requests,” he told TechCrunch. “The API only exists to provide like a scrolling feed of public transactions for the home page of the app, but if that’s your goal then you should require a token with each request to verify that the user is logged in.”
You want a Modern Tech Company™ to spend time and resources on YOUR privacy? There is no privacy. (F*c*book’s lawyer said so!)