Newcastle council credit card file appears on internet
By Rene Millman,
The personal details of 54,000 people have been accidentally exposed on the internet by Newcastle City Council.
While the authority's management admitted the mistake, they denied that was any indication of fraud or misuse of the data. The problem was unearthed by an independent expert brought in to test systems.
Thousands of credit and debit card transaction details were stored on an unsecured server and could be accessed by computers around the world. Transactions made between February 2006 and April of this year were included in the data left on the exposed server. These included payments for business rates, council taxes, rents and parking fines.
The council became aware of the breach last Thursday and has now informed banks, police and the Information Commissioner.
The council said that the file holding the data contained digital encryption security, "which means that the most sensitive data contained in it would not be accessible or of use without cracking this complex encryption", according to a statement on the council's web page. People in the city have been urged to check their bank and credit card accounts for signs of fraud.
Council chief executive Ian Stratford said in a statement: "We are now fully confident that our systems are properly robust, so we are continuing to receive payments by credit and debit card.
"We very much regret that this situation has developed, although would again stress that there has been no indication of any fraud or loss, and that we spotted this situation through the thoroughness of our own security and checking systems," he added.
One of the city's councillors, John Shipley, said that the breach was "extremely serious".
"My first concern is that every possible measure should be put in place now to protect people whose data might have been compromised, and we have communicated this to the banks and credit card companies," said Shipley.
The council would not comment on the circumstances in any further detail and said this was so as not to compromise an ongoing investigation into the breach.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
Do British police get cyber security?
Davey Winder listens to telephone conversations between the FBI and the Metropolitan Police, courtesy of Anonymous, and isn't impressed.
- Who to trust after the VeriSign hack?
- Striving to solve the security skills crisis
- Would you employ a hacker or malware writer?
- Q&A: Raj Samani, CTO McAfee
- Erase and rewind: the EU and privacy
- My email address is [CENSORED]
- Is there such a thing as a secure tablet?
- 2011: The year in news
- BYOD: Old or new, good or bad?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Ubuntu vs. Windows 7 on the business desktop
- York researchers heat storage to speed up data
- OneNote hits Google?s Android
- O2 trials Olympic-scale remote working
- Who to trust after the VeriSign hack?
- Lenovo beats expectations again
- BlackBerry Bold 9790 review
- Will someone rid me of these troublesome Macs?
- Google to promise fairness after Motorola buy
- Welcome to the stay-at-home Olympics
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
