BreachExchange mailing list archives
Re: UK: Security breach hits thousands
From: Chris Walsh <chris () cwalsh org>
Date: Fri, 27 Jul 2007 22:29:44 -0500
Some more details: A security blunder at Newcastle City Council has exposed the credit and debit card details of up to 54,000 people online. The breach was discovered on 19 July after the council hired an independent security expert to try and crack its systems. The security exercise found an encrypted file containing names, addresses, and credit and debit card numbers had been mistakenly placed on an insecure server. An internal investigation also revealed the file with all the card details had been accessed and uploaded to a computer IP address registered in Israel. Newcastle City Council claims there is no indication of any fraud on the affected cards. The file contained details of payments for council tax, business rates, parking fines and rents for more than a year between February 2006 and April 2007. The council has informed the banks, police and the Information Commissioner about the breach and said a full investigation into the security breach is underway. [...] http://software.silicon.com/security/0,39024655,39167978,00.htm On Jul 26, 2007, at 8:03 AM, lyger wrote:
http://icnewcastle.icnetwork.co.uk/chroniclelive/eveningchronicle/ tm_headline=security-breach-hits- thousands&method=full&objectid=19522958&siteid=50081-name_page.html A COUNCIL computer blunder has led to a serious breach of security for credit and debit card holders on Tyneside. Police and security experts have been called in after details of thousands of people's cards were downloaded to an address which has been traced to the Middle East. As a result of the mistake, millions of financial records held by Newcastle City Council have been accessed and up to 54,000 individual card holders are affected. Information was placed in error on an open server site which could be accessed by outsiders instead of a secure network. The site was shut down as soon as the problem was discovered. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 220 million compromised records in 734 incidents over 7 years.
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 220 million compromised records in 734 incidents over 7 years.
Current thread:
- UK: Security breach hits thousands lyger (Jul 26)
- Re: UK: Security breach hits thousands Chris Walsh (Jul 27)