Yet another UK company has fallen victim to poor data protection measures, and subsequently splurged private account details of its thousands of customers, it has been reported.
This time the culprit was an internet service provider, named Demon Internet, which has inadvertently sent out a spreadsheet containing names, addresses, email ids, telephone numbers and other personal details of its 3,681 customers.
The ISP has accidentally sent these all important details to an undisclosed number of customers.
Unfortunately, the reported Excel spreadsheet wasn’t even password protected, and hence could have been used by fraudsters to break into the accounts of people and organisations, including Alder Hey Children’s Hospital and New Scotland Yard.
The company informed that it had already reset the passwords of compromised accounts within three hours of the reported email being sent out to others, and that no customer details had been illegally accessed during that period.
The ISP said in a statement: “As a result of human error, customer Information for a limited number of customers who had signed up to Demon’s new paperless billing platform has been circulated as an attachment to an email”.
The company has extended its apologies to the concerned users, and reassured them to implement effectual security procedures to avoid such disastrous incidents in future.
Accidents like these happen from time to time and unless there's any casualties, there shouldn't be any calls to heavily fine Demon Internet. Still, someone must have wrongly used their Outlook client to send out an email with autocomplete on. Turned out that the recipient email was actually a mailing list address. Ouch!
(Top 10 Broadband)