Survey outfit exposes 41,000 private records

Poor security leaves survey subjects vulnerable

By Nick Farrell

Mon Jul 07 2008, 10:08

TOP MARKET RESEARCH firm TNS Infratest/Emnid has 'lost' 41,000 private data records of its survey participants, the Chaos Computer Club (CCC) has revealed in its official organ Die Datenschleuder.

According to CCC, it was a doddle for participants to read master data records and consumer profiles.

The personal data was easily accessed without being checked by even the most basic security measures. All you needed to do was change the customer ID number in the browser's address bar and you could see everything.

Name and address, date of birth, email address and phone numbers were all open to any ID hacker who might be interested. Some of the data included monthly income, education, bank account information, health insurance data, and which credit cards are used.

CCC said that TNS Infratest made beginners' mistakes during software development which were "unprofessional, grossly negligent and, above all, deeply worrying."

CCC spokesman Dirk Engling was quoted as saying that there was enough information there to carry out a really good burglary campaign.

THS Infratest needs to inform the victims immediately, he said. µ

L'Inq
Chaos

Carberp Trojan makes Facebook users pay to unlock accounts Sophos reveals koobface gang Wednesday, 18 January 2012, 10:46 AM Read more	Anonymous turns on itself Anonops seen as too centralised Tuesday, 15 November 2011, 12:54 PM Read more
German authorities confirm using spyware for surveillance Federal trojan was not so far fetched after all Tuesday, 11 October 2011, 16:09 PM Read more	German hackers uncover a government trojan Designed to record Skype calls and more Monday, 10 October 2011, 16:09 PM Read more
HP Touchpad review A tablet with the WebOS operating system Friday, 22 July 2011, 18:05 PM Read more	Sony is hit with yet another hack attack, thousands of passwords compromised Lulzsec carries out Sownage promise and releases ‘various collections’ of stolen info Friday, 3 June 2011, 11:34 AM Read more

Comments

Disdain

It's people who signed up for market research, so who cares really? It's not like they respect themselves or their privacy.


posted by : W.-, 07 July 2008 Complain about this comment

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Pricing Manager- Financial

Pricing Manager- Financial ...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Survey outfit exposes 41,000 private records

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review