Discussion in 'Theme Parks Attractions and Strategies' started by *I'msoooBelle*, Oct 3, 2018.
With how screwed up MDE is on the front end, can you imagine what the back end looks like?
I don't know how you all get in to any account. When I sign in mine comes up for split second, long enough for me to see my name, and then goes back to the sign in page. The number I was given to call for support has a wait of 30 minutes or longer. I saw this thread right after that starting happening but gave it a day to see if things would change.
Agreed. I hope Disney is investigating this to assess the magnitude.
We've been affected by too many breaches (Home Depot, Equifax, Chili's, OPM, etc.). We really need to know if this is a situation where personal information may have been compromised.
Interesting. That hasn't my experience. I just logging into to see if it would do that and I logged in once and got to all the various screens without having to login again. This whole system seems to some weird inconsistencies.
What worries me is that in order to deploy a patch assumes they know what the problem is and that a patch has been written to fix the problem. It's a race to find and fix the problem before someone else realizes there's an opportunity here and exploits it.
We've been affected by too many breaches already. We don't need another one.
I only log in once and click all over the site looking at my trip and personal info.
I had this happen about a year ago. I logged in, and in addition to my family’s info, I saw another family’s info as well. I even could have reassigned their park tickets! Ridiculous. As much as I dislike the recent update (I get stuck in loops that direct me to log-in over and over and over...never getting me to the page I want. I’ve had to call several times this week just to do things like make a reservation. And when I made the reservation, I then discovered it was made for two adults instead of for myself and my 7 year-old DD. So I had to call again to fix it). This is not anything new, though. This glitch has been happening for some time. I will never understand Disney technology!
After all IT worked so well before they did this didn’t it?
Nope. This is always been a disaster of a shop.
While I would like those people to get their jobs back I don’t think that’s going to fix our problems
I don't really want to be seen as a company apologist here, as I'm as annoyed by technical glitches as anyone else and think it's entirely valid and helpful to report bugs.
But people are saying things like -
I hope Disney is looking into this -- when there's no conceivable way people aren't pulling long hours to troubleshoot and squash bugs. It's possible that it's squashed already as soon as they saw it was happening. And if it happens again, let them know so they can figure out how to replicate the issue.
The company refuses to spend money on application development - when MDE has a huge ongoing development budget, to say nothing of the initial billion+ dollar project that it was part of.
Disney just lays people off - but hiring is cyclical. And outsourcing does happen but it often permits more investment here at home. In any case, some people complain about cutbacks over decades and the truth is that there has been net expansion in jobs and projects, including MDE itself.
Well, at the very least, at no point in the past has anyone logged into the Disney website to see other familes’ detailed vacation plans, which is happening here today, so...
When I said I hoped they were looking into this, I was referring to the personal information/data breach aspect of this. I'm sure this is already an all hands on deck situation to find and plug the hole. I suspect they knew about it before we did...at least I hope so.
I don't want to this to wind up being another Uber situation.
There is a poster in this thread stating this happened to them about a year ago so it apparently has happened in the past.
Mine has been doing this exact same thing for a few days now and it's beyond frustrating!!!! I have tried doing a hard shutdown of my laptop, clearing the history, trying different search browsers....nothing seems to work. Have you had any luck getting thru to support? Would you mind posting their number, I will also try calling tomorrow. Thank you!
Because when your retailer has a breach, most times it is through the merchant services 3rd party business. There the entire CC number, your expiration date and the other information stored on the magneticc strip. I don't think that this has the opportunity to access your credit card.
There's a different group that manages the load balancers vs the developers, possibly geographically separated. The sessions are timing out and moving people to a different server and the session IDs are inexplicably being reused.
Without getting into the weeds technically, it's not likely you can actually change someone else's bookings. That said, the fix will be tricky, so don't hold your breath.
If someone accidentally views you profile they can see your last for of the card, you name as it appears on your card, and the expiration date. In the wrong hands that can be very useful.
IMHO, the real problem would be a hacker gets wind of people being able to see other peoples accounts and then attack and exploit the security hole. They your whole card number is within their grasp. And make no mistake about it, if there's a situation where one person can see another persons account then that's a security hole that can be exploited.
Hopefully that hole is plugged already.
It's virtually impossible to know which session you'd see if/when you timed it just right to be shown another session's information. So while it is true that there is a serious data exposure issue, it's still highly unlikely you'd be able to correlate it with someone you know. That other random person just happens to be logged in at the same time on a different server. Next time it'll be a totally different random person's info.
Somehow I don’t feel better.
Just in case it's helpful... I had the same issue with an airline I was trying to log in with. It turned out the problem was at my end, I'd blocked enough cookies that the website wasn't able to stay logged in and would kick me out a moment after I did, every time. I can get a bit block-happy lol.
Ummm that's definitely not true. Yes you heard about those breaches all over the news, but it was MONTHS after the breaches actually occurred. Many times these breaches can go on for several months on their own. And the fact is many of these breaches occur and you never know about it. The card issuer is generally prohibited from telling you why they are requiring you to get a new card and in many cases they don't even know. They are only given a batch of potential affected cards and told to stop them and re-issue.
Yep probably right. It is very possible sensitive information may be exposed on the MDE app right now. Seeing other people's plans doesn't really have much to do with that in my experience. If critical info is accessed in the same way generic information is through backchannels of MDE then there are much bigger problems. I would agree Disney IT is about as unreliable as it gets, but doubt even they would have it setup that way.
If this happens again.... anyone.... take a screen shot and print it or save it. Make sure the date and time are on it. At least then, if you report it, they will have something to look at to try to figure out what's happened.
Separate names with a comma.