A US online pet store has exposed the details of more than 110,400 credit cards used to make purchases through its website, researchers have found.

In a stunning show of poor security, the Austin, Texas-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text passwords
[…]
The database was exposed because of the company’s own insecure server and use of “rsync,” a common protocol used for synchronizing copies of files between two different computers, which wasn’t protected with a password.

Source: A database of thousands of credit cards was left exposed for months

Oh dear, clear text passwords and non-protected rsync transfers ūüôĀ