UK: Loans website suffers security breach

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.itpro.co.uk/security/news/124958/loans-website-suffers-security-breach.html

By Miya Knights and Rene Millman
14th September 2007

UK online loans company, Loans.co.uk has said it suffered a security 
breach that has resulted in customer details being passed to other loan 
companies without authorisation.

The company said it recently learned of the breach and has contacted 
affected customers, although it would not say how many were affected. It 
did say sensitive information including names, addresses and dates of 
birth was compromised however.

"We have no evidence to suggest that this information has been used for 
any purpose other than marketing activity," said the company in a 
statement. "The individuals are people who applied to us for a loan, but 
we are not aware of any existing customers' details being provided."

The company has offered customers involved a year's free subscription to 
credit reference agency, Credit Expert so they might check if any 
fraudulent claims or applications are made using their details.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml