Racing Post escapes ICO fine after leaking info of 677K punters

  • 28 August 2014
  • 0 replies
  • 257 views

Userlevel 7
UK sports-betting newspaper the Racing Post has received a stern warning – but not a fine – after it emerged that it had aired the private details of more than 677,000 customers as the result of a security breach last year.
The October 2013 snafu resulted in the exposure of the names, addresses, passwords, dates of birth and telephone numbers of 677,335 customer accounts held with the horse racing enthusiast site. Poor website security gave hackers easy access to sensitive information.
 The information was compromised after an SQL injection attack on the Racing Post website (racingpost.com) that allowed unidentified hackers to gain access to the company’s database of registered customers.
A subsequent investigation by data privacy watchdogs at the Information Commissioner’s Office (ICO) discovered that the firm had last pen-tested its website in 2007, six years before the attack.
 
The Register/ full article here/ http://www.theregister.co.uk/2014/08/28/racing_post_data_breach/

0 replies

Be the first to reply!

Reply