Nvidia's store appears to be leaking cached emails to random users

PSA to anyone hoping to snag one of Nvidia's RTX 3000 series Founder's Edition cards: There appears to be a flaw in Nvidia's web store causing it to display the email address and more personal information from other shoppers at random. A Reddit poster published a screenshot of what they claim is another user's email address and "partially masked" credit card information. Multiple other posters confirmed they'd seen a stranger's email address when logging in to check an order.

The incident seems similar to a 2015 caching bug that caused the Steam client to display account information from other users. What triggers the bug is tricky to ascertain—it's specific to Nvidia store accounts, a separate system from the accounts Nvidia uses for GeForce Experience. When users go to check their order status, they may see someone else's cached email instead of their own.

On Twitter, TechTeamGB posted an email from one shopper who was contacted by someone who discovered his email through the Nvidia store. They wanted his RTX 3080.

I haven't been able to replicate the error myself—I can't find anything on the Nvidia store in stock to attempt to buy for the purposes of creating an account on checkout. One poster in the reddit thread claims to have seen "some credit cards autofill." It's uncertain at this point how widespread the issue is or what's causing it, but Nvidia is aware. A community manager on the subreddit said "I have escalated it to our team to investigate." 

We've reached out to Nvidia PR for more details, and received the following statement: "We are investigating the issue and will provide further information once it is available."