Because of a website security snafu, the online real estate platform Redfin made random users’ names, email addresses, and phone numbers available to others who log onto listings. The vulnerability lasted less than a week, the company said.

The personal identification information became visible to other users who were viewing real estate listings. The information would appear momentarily when a contact information form popped up on a listing; the form would be pre-filled with details from past users, which would quickly vanish.

The contact information of past users, however, would remain visible when viewing the listing while disabling JavaScript, a programming language used to make interactive websites that can, in many browsers, be turned off in general or for specific sites.

Past users’ email addresses or phone numbers, and sometimes both, were displayed.

© The Intercept