Who else picked up on this today?
BEGINS
Cahoot hit by web security scare
A security loophole at internet bank Cahoot allowed customers to access
other people's accounts, a BBC investigation has revealed.
The website, run by Abbey bank, was closed down for 10 hours on Thursday to
carry out urgent repairs.
The site has now reopened and the bank says the problem, which was caused by
a system upgrade, has been fixed.
Cahoot said that even with the flaw, hackers would not have been able to
move money between accounts.
ENDS
The point is that EVERY SINGLE Cahoot customer's personal financial details
and transactions have been opened up to general view. So, if you bank with
Cahoot anyone could have seen your balance, your payments, your income. To
heck with hackers and moving money. It is a major breach of the Data
Protection Act 1998 anyway. Period.
Is the Information Commissioner going to act on this? I imagine it depends
whether anyone complains.
Place your bets NOW!
If Data Protection is not burnt into the brain patterns of every employee
then this could happen in your organisation!
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP
http://www.marketingimprovement.com
This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission. If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|