BreachExchange mailing list archives
DWP sending sensitive data with passwords
From: security curmudgeon <jericho () attrition org>
Date: Wed, 14 May 2008 08:13:54 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.computing.co.uk/computing/news/2216315/dwp-sending-sensitive-passwords By Tom Young Computing 09 May 2008 Government staff in the Department of Work and Pensions (DWP) have been sending out sensitive data in packages containing passwords that provide access to the information. An internal email to DWP staff outlining the poor security practices was leaked to influential political blog Dizzy Thinks. "Staff are... forwarding the data and password on together, which defeats the purpose of the security measure entirely," the email reads. After HM Revenue and Customs lost the details of 25 million families last year, civil servants were told all information sent between departments had to be password protected with passwords sent separately. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- DWP sending sensitive data with passwords security curmudgeon (May 14)