Pizzahut Malaysia has this so called online ordering system. It has a very bad security feature: once you key in a valid phone number which has ordered before, you will be able to see the personal information: Name, Address and comments (which Pizzahut uses to send the pizza to your doorstep), no verification needed!
How to test: Go to https://www.pizzahutonline.com.my/, under REGISTRATION, click Register and then key in a phone number which has been used previously to order from Pizzahut.
I have tried key in 3 numbers (old house, current house and office), all three return me the personal information of the person ordering.
This sucks big time! Imaging someone program a little software to loop all the phone numbers and get all the personal information they want and sell them to scammers (high court scam/lottery scam/kidnap scam)?
Little suggestion here: at least make the need of verification (thru SMS/land line) before you show the personal information, Mr. Pizzhut!
