Adjust Text Size

FeedBurner Leaked my Sensitive Personal Information

Written by Nickel - 14 Comments

Bank Deal: Earn 1.00% APY on an FDIC-insured savings account at Barclays.

As many of you know, I manage my RSS feed through FeedBurner. As you may or may not know, FeedBurner has recently developed a mechanism for monetizing RSS feeds by placing ads at the end of posts within your feed. This program is in the process of being rolled out, and participation is currently by invitation only.

Well, last night I learned that I had been invited to participate, so I signed up to see what it was all about. Not long ago I received a welcome e-mail, and shortly thereafter I received two messages about ads being available for my feed… The problem was that, while one of these messages was meant for me, the other was clearly intended to go to Jim of pfBlueprint.

When I contacted Jim about this glitch, I learned that FeedBurner is having trouble keeping their publishers straight. In fact, he told me that when he logged in, MY payment information (including things like my social security number) came up in HIS account. Nice. Really nice. FeedBurner has now officially shared my sensitive personal information with at least one other person. Fortunately, I know and trust Jim, and I’m not particularly worried that he’ll try to steal my identity. That being said, I’m still more than a little bit pissed off right now. And I’m still not sure how many other people got this information.

After reporting this to FeedBurner I received a prompt reply thanking me for my patience while they look further into this matter. Guess what? I’m not feeling particularly patient right now.

Update: It’s still not clear what happened, but apparently it’s a glitch in the FeedBurner system, as the signup process is totally automated — thus, there’s no room for a simple data transposition. The only thing that Jim and I have in common (aside from our stunningly good looks and the fact that we run two of the best personal finance blogs in existence ;)) is that we both signed for the FeedBurner Advertising Network at roughly the same time last night. I should also note that the folks at FeedBurner have been very responsive and are working hard to sort out what went wrong.

Published on May 5th, 2006 - 14 Comments
Filed under: Identity Theft,Online

About the author: is the founder and editor-in-chief of this site. He's a thirty-something family man who has been writing about personal finance since 2005, and guess what? He's on Twitter!

Comments (scroll down to add your own):

  1. I’m glad you let me know. I was about to give FeedBurner all my juicy information, but I think I’ll hold off on doing that while they sort out their problems.

    Comment by Anonymous — May 5th 2006 @ 3:00 pm
  2. I only bought myself a pizza and some beers with the credit I signed you up for. I’m a nice guy. ๐Ÿ™‚

    Comment by Anonymous — May 5th 2006 @ 3:14 pm
  3. Oh wow, that’s a big hiccup. I wonder how long until the class action lawsuit begins?

    Comment by Anonymous — May 5th 2006 @ 3:47 pm
  4. unless they find more, never, don’t have a class ๐Ÿ™‚

    Comment by Anonymous — May 5th 2006 @ 3:51 pm
  5. Hi there, thanks for the note. We will continue to review this situation in our staging environment. We have numerous publishers in our ad network and we rigorously test all parts of our application, especially those secured using SSL, for proper handling of sensitive data. We will continue to analyze this scenario and keep you informed.

    Comment by Anonymous — May 5th 2006 @ 6:21 pm
  6. Sorry to hear this — but you got a link from ProBlogger out of the deal! ๐Ÿ˜‰

    Comment by Anonymous — May 5th 2006 @ 7:40 pm
  7. Jim, I’ll give you fifty bucks for Nickel’s identity!

    Comment by Anonymous — May 5th 2006 @ 8:51 pm
  8. That’s probably not only a breach of their own privacy policy, but could be illegal depending on what state you live in.

    Check out the FTC’s page on id theft: and check your credit report (you get one copy free from the govt each year from each credit agency at Get a copy of one now, and another one in 3-6 months and make sure nothing fishy is going on.

    Best of luck,

    Comment by Anonymous — May 5th 2006 @ 9:27 pm
  9. Nickel’s social security number is… get a pen now… 123-45-6789. If I didn’t see it with my own eyes, I wouldn’t have believed it myself but he is in fact the person who has that SSN.

    Don’t bother signing up for any credit cards, I tried and was declined three times. His credit is awful.

    Comment by Anonymous — May 5th 2006 @ 10:32 pm
  10. Pogue,

    It’s not that it’s illegal to have a data breach. But depending on what state the victims live in, it’s illegal to NOT disclose it.

    25 states have data breach notification laws. 10 of those do NOT require that information be materially compromised or likelihood of harm
    before notification required. I don’t know the details, but you may be required to disclose this in writing to many of your customers regardless. If you need help (no charge), contact me at tfragala [at]

    Nickel–what state do you live in?

    Comment by Anonymous — May 6th 2006 @ 12:10 am
  11. Scary! I think I’ll have to wait looking into this FeedBurner feature.

    Comment by Anonymous — May 6th 2006 @ 8:19 pm

Leave a comment

Because rates and offers from advertisers shown on this website change frequently, please visit referenced sites for current information. This website may be compensated by companies mentioned through advertising, affiliate programs or otherwise.