Demon screw up

Rik · Sep 24, 2009, 11:34:08

The Telegraph reports that:

QuoteDemon Internet has released the private account details of thousands of its customers, in the latest data protection failure by a British company.

The names, phone numbers, usernames and passwords of 3,681 subscribers were contained on a spreadsheet mistakenly attached to an email sent to other customers.

The information would have allowed anyone to break into the accounts of people and organisations – including New Scotland Yard and Alder Hey Children's Hospital – who have signed up for the internet service provider's e-billing option.

Demon Internet said that it reset the passwords of the compromised accounts within three hours of the email being sent out on Wednesday morning, and that no customer data had been illicitly accessed in that time.

Oops.

Simon · Sep 24, 2009, 12:18:12

Doh!

Tacitus · Sep 24, 2009, 12:29:52

Seems like I chose the right time to leave them...

Rik · Sep 24, 2009, 12:38:53

Doesn't it, Tac.

Fox · Sep 24, 2009, 15:57:03

Yup, but it takes the government to make the biggest cock-ups (like "losing" the names, addresses and national insurance numbers of every person in Britain receiving Child Benefit...)

Rik · Sep 24, 2009, 16:01:29

They have far more practice, of course.

Colin Burns · Sep 24, 2009, 16:22:17

wonder how busy BT are going to be issueing MAC Codes as if they wernt busy enough trying to fix WBC

Rik · Sep 24, 2009, 16:25:47

Probably not that busy, Colin, the ISPs can generally do that themselves.

Niall · Sep 24, 2009, 18:50:14

How would they know if their accounts had been accessed by people other than the intended? If someone had all the details, they'd be able to log in normally

Well, unless people were logging in from miles out of the area the details were assigned to I suppose.

Rik · Sep 24, 2009, 18:57:26

Given the way the system works, Niall, I doubt Demon could prevent access.

Niall · Sep 24, 2009, 18:59:32

Yeah they seem to be the most inept company around, or one of the top 5 anyway. It makes me wonder how they still operate, and what sort of lies they tell to get trade from a business.

Rik · Sep 24, 2009, 19:00:58

I disliked them in dialup days, so I've not been back since.

Sebby · Sep 24, 2009, 19:14:06

What on earth is that kind of information doing on a bog standard spreadsheet in the first place?

Rik · Sep 24, 2009, 19:21:03

That's a good question, Seb, and why was it available to attach to an email?

Sebby · Sep 24, 2009, 19:25:40

Exactly. This is a large corporation we're talking about, not a tiny business with one computer!

Rik · Sep 24, 2009, 19:26:30

So how was your day at work?

Technical Ben · Sep 26, 2009, 20:13:07

This is general practice in most companies. Just get the job done, don't think about how it should be done.

At work I cannot even list the number of different systems we use. It's ridiculous why they cannot be standardised or linked. I suppose there is greater security to have each program separate, but I get fed up of having 7 or so windows open on my desktop.

Also, I'm reminded of the small company where they lost all there customer records. They kept all the orders in outlook, in the emails used to order the merchandise or the ones that the customers registered with. When the emails got to around one thousand, outlook just crashed and killed everything. It helps to have proper records or databases.