Computer security failures in the news

On Monday, Public Health Wales disclosed that it accidentally leaked the personal data of 18,105 Welsh residents who tested positive for COVID-19, and that data was visible for 20 hours on a public server on Aug. 30 and viewed up to 56 times, the agency said.

The data belonged to every resident of Wales who tested positive for COVID-19 between Feb. 27 and Aug. 30. It included people’s initials, date of birth, gender and general location, but not specific information on who they are. Still, for a subset of 1,926 people who live in supported housing or nursing homes, the data included the names of those locations.

Source: Data on 18,105 coronavirus patients leaks after staffer clicks wrong button – CNET

And, a bug in Biden’s campaign app enabled anyone to access voter history and other data on millions of voters.

Far too many organizations collect far too much information, and then retain it online for far too long. The result is “All your secrets belong to us”.

Having pulled official credit reports on myself and my wife, we were surprised to find the high number of errors in the records. For example, credit reporting agencies had us living at addresses we had never lived at. In one case, they intertwined data from a woman with a similar name to my wife. Through what we found in our own credit file, I was able to cleverly identify the woman, her actual home address and her employer!

Over time, the quality of data retained – for too long – in online databases goes down and there is seldom anyway to know what erroneous data has been stored about yourself, nor is there away to seek a correction.

 

Leave a Reply

Your email address will not be published. Required fields are marked *