The Inquirer-Home

Survey outfit exposes 41,000 private records

Poor security leaves survey subjects vulnerable
Mon Jul 07 2008, 10:08

TOP MARKET RESEARCH firm TNS Infratest/Emnid has 'lost' 41,000 private data records of its survey participants, the Chaos Computer Club (CCC) has revealed in its official organ Die Datenschleuder.

According to CCC, it was a doddle for participants to read master data records and consumer profiles.

The personal data was easily accessed without being checked by even the most basic security measures. All you needed to do was change the customer ID number in the browser's address bar and you could see everything.

Name and address, date of birth, email address and phone numbers were all open to any ID hacker who might be interested. Some of the data included monthly income, education, bank account information, health insurance data, and which credit cards are used.

CCC said that TNS Infratest made beginners' mistakes during software development which were "unprofessional, grossly negligent and, above all, deeply worrying."

CCC spokesman Dirk Engling was quoted as saying that there was enough information there to carry out a really good burglary campaign.

THS Infratest needs to inform the victims immediately, he said. µ



Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Heartbleed bug discovered in OpenSSL

Have you reacted to Heartbleed?