Germany accidentally reveals residential rolls on internet

[fukami <fukami () gmail com>]

http://www.monstersandcritics.com/tech/news/article_1412897.php

A slip-up in Germany led to residential rolls on half a million
people becoming freely accessible on the internet, an investigative
programme on German TV said Monday.

The rolls, which list names, dates of birth, marital status and
religious affiliation, are normally protected by passwords.

HSH, the company which supplied the software and maintained the
databases, admitted Monday that for three months, a non-secret
password had applied to rolls kept by 15 local authorities. The
password was in software documentation on the web. After the
error was discovered on Friday, new, secret passwords were adopted.

HSH denied a suggestion by the TV programme Report Muenchen that
the privacy had been compromised in 200 towns over a period of
years. It did not say how many people were listed on the rolls
affected. In Germany it is compulsory for the whole population
to register on rolls of residents, which are for official use only.

HSH, which is based near Berlin and specializes in computerizing
the rolls, said an error led to the publication on the internet
between March 15 and June 20 of the standard password.

It said somebody had used the password to extract data on
individuals at four of the local authorities.





_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml