The Moonpig Bug: How 3,000,000 Customers' Details Were Exposed

It's been all over the British news today: developer Paul Price found a bug in photo-crap-maker Moonpig's site, one that might have exposed three million users' personal information. Paul's got a great technical post about it at https://www.darkport.co.uk/blog/moonpig-vulnerability/ -- but there's no decent non-techie explanation except for the one-paragraph summaries in newspapers. It was a perfect storm of tech incompetence: here's how to avoid doing it yourself.