[ISN] Details of chartered accountants on website

From: InfoSec News <alerts_at_private>
Date: Wed, 20 Aug 2008 06:36:48 -0500 (CDT)

The Irish Times
August 19, 2008

CONTACT DETAILS for more than 17,000 members of the Institute of 
Chartered Accountants in Ireland have been inadvertently published on 
the web in the latest data security breach to hit a high-profile 

The information includes members' personal addresses, contact details 
including e-mail addresses and phone numbers, and personal data such as 
date of birth. The file also includes membership numbers and the 
temporary passwords allocated to members before their first log-in to 
the website.

During a redesign of the institute's website in July, a version of its 
membership database was mistakenly published on its site. The new site 
went live on July 10th. It was alerted to the error by a member on 
August 5th.

The information was not linked to anywhere else on the site but did 
appear in the public directories. As a result a number of search engines 
came across the page and indexed it.

The institute's own investigation suggests that the data was "crawled" 
by four internet search engines.


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Wed Aug 20 2008 - 04:36:48 PDT

This archive was generated by hypermail 2.2.0 : Wed Aug 20 2008 - 04:39:23 PDT