Whoops! Another website leaks data and dates of birth

Just earlier today I was telling you about The Princeton Review who have been left with egg on their face after a competitor told the New York Times that confidential details of tens of thousands of American students had been exposed.

Well, what do you know? Another website has come a cropper in a similar way.

This time it’s the Institute of Chartered Accountants in Ireland. According to media reports, details of 17,000 Irish accountants was accidentally published on its website.

Sign up to our free newsletter.
Security news, advice, and tips.

The sensitive information includes members’ personal addresses, email addresses and telephone numbers, as well as dates of birth – all valuable stepping stones for any criminal intending to commit an identity theft.

The reason why this data was exposed? Apparently the Institute of Chartered Accountants in Ireland redesigned its website – unfortunately improving its usability also potentially made it simpler for the bad guys to access valuable information too. The Insitute only learnt about the problem when a member warned the organization in early August.

The good news is that there is no indication that the data has been used by criminals (ah, the luck of the Irish..) but as the information did manage to be ‘spidered’ by search engines it may still be accessible by committed identity thieves prepared to trawl through caches.

It’s obvious that too many organizations are being careless with the information they gather about their employees, customers and users. More steps must be taken to secure all points of the enterprise, and careful consideration must be made as to what information needs to be stored to reduce the chances of an embarrassing data breach.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.