Fashion retailer Express left customers’ personal data and order details exposed to the internet

Fashion giant Express has patched its website to fix a security flaw that allowed anyone to view other people’s order details and personal information, TechCrunch has exclusively learned. At least a dozen of Express’ customer orders had been publicly listed in web search engine results. The security flaw exposed order confirmation pages on Express’ online store, revealing details of purchases and who made them.