Parcelforce causes privacy brouhaha
IN YET ANOTHER blow to people's personal data, UK website Parcelforce has been called out for exposing postcodes, parcel specifics, people's names, addresses and signatures on its website.
The BBC ‘received' a shock when it discovered a glitch in the system that gave users access to a scammers paradise of information when using the site's "track and trace" feature. Inputting a reference number allegedly pulled up all sorts of odds and sods unrelated to the actual package denoted by the code, including already delivered parcels which had been signed for, along with their proof of delivery documents.
Proof of delivery forms tipped up with people's names and postcodes as well as their signatures, delivering quite an unpleasant possibility of identity theft and fraud.
Parcelforce, a subsidiary of the Royal Mail Group, swiftly dispatched an apology, saying the problem had started sometime "after work" (noon? 5pm?) on Wednesday [while employees were probably down the pub getting parcel faced - Ed], and wasn't noticed until early (10pm?) on Thursday morning.
Meanwhile, the Information Commissioner's Office (ICO) was none too pleased by the parcel farce, saying in a statement that it would be "contacting Parcelforce to establish how this security breach occurred and to find out what steps it will be taking to ensure that such a breach cannot happen again."
Let's just hope no one goes postal over this. µ
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
This seems to be a common problem, especially among the smaller tracking systems. On several occasions I've received an email to let me track my parcel and by simply varying the tracking number by a few digits either side have been able to display other delivery details. Generally not as much as reported by the Beeb but worrying nevertheless..