Wag Labs is in the doghouse with its customers after accidentally exposing web pages that revealed such information as client addresses and lockbox codes.
Wag’s smartphone app connects dog owners with dog walkers, who are thoroughly vetted and tested on their dog walking skills. Owners are able to request a walker immediately or schedule future walks. The company provides customers with a lockbox for their keys, and walkers are then given the code to enter so they can pick up the dog.
According to The Wall Street Journal, the exposed information was located on obscure pages on Wag’s website that weren’t password-protected.
It’s unknown how long the pages were visible, and while it hasn’t been revealed how many people had their information exposed in the data breach, WSJ was able to see the records of more than 100 customers, including more than 50 with lockbox information, on just one day. It appeared that the information on those pages was replaced with new records every day or two.
Wag said it was notified last week of a “technical glitch” in its software, which was fixed hours later. The exposed information didn’t include financial data or social security numbers. So far, there is no indication that the information was accessed by hackers, or that any homes were broken into as a result.
“Wag has prioritized the security of our customers at each stage of the company’s development,” and has security processes and policies in place, the company said.
Wag was valued at $200 million in April 2017 after it raised $45 million, bringing its total raised to around $60 million.