InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,615.35
(
0.55%
)
US TECH 100
19,804.00
(
0.64%
)
Dow Jones
40,000.90
(
0.62%
)
Brent Oil
84.57
(
0.00%
)
Bitcoin
59,738.25
(
0.85%
)
Post# of 249238
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Keep Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

dude_danny

Send PM Follow Ignore
Followers 3
Posts 555
Boards Moderated 0
Alias Born 07/31/2003

dude_danny

Re: None

Friday, 07/27/2007 11:48:47 AM

Friday, July 27, 2007 11:48:47 AM

Post# of 249238
Web security breach exposes 54,000 card details
Newcastle City Council admits to blunder

By Andy McCue
http://www.silicon.com/research/specialreports/riskmanagement/0,3800013989,39167978,00.htm
Published: Friday 27 July 2007

A security blunder at Newcastle City Council has exposed the credit and debit card details of up to 54,000 people online.

The breach was discovered on 19 July after the council hired an independent security expert to try and crack its systems. The security exercise found an encrypted file containing names, addresses, and credit and debit card numbers had been mistakenly placed on an insecure server.

An internal investigation also revealed the file with all the card details had been accessed and uploaded to a computer IP address registered in Israel. Newcastle City Council claims there is no indication of any fraud on the affected cards.

The file contained details of payments for council tax, business rates, parking fines and rents for more than a year between February 2006 and April 2007. The council has informed the banks, police and the Information Commissioner about the breach and said a full investigation into the security breach is underway.



He said: "It's a question of resources. There could be up to 54,000 people affected. It is up to cardholders themselves - it is best for people to keep an eye on their credit and debit card statements and notify the banks of anything suspicious straight away."

Earlier this month silicon.com launched its Full Disclosure campaign calling for the government to consider legislation that would require organisations that suffer information security breaches to alert their customers if there is a chance the breach has put individuals' sensitive personal data at risk. Such laws are already enforced in many states in the US. Click here to sign the Downing Street petition calling for it to be introduced in the UK.

Newcastle City Council said it closed down the insecure computer servers straight away, tightened security and is now "fully confident" it is safe to continue taking credit and debit card payments.

Councillor John Shipley said in a statement: "This is an extremely serious breach, which I was shocked to hear about. My first concern is that every possible measure should be put in place now to protect people whose data might have been compromised, and we have communicated this to the banks and credit card companies."

Newcastle City Council CEO Ian Stratford added in a statement: "We very much regret that this situation has developed, although we would again stress that there has been no indication of any fraud or loss, and that we spotted this situation through the thoroughness of our own security and checking systems."
Public Reply Private Reply New Post
Keep Last Read
Keep Last Read Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up