From the see-what-you-find-when-you-actually-investigate dept.:
There’s an update to a previously noted breach. IOM reports:
The Department of Infrastructure has been criticised after a member of the public saw another person’s details – including an ex-directory phone number – while using the online service in December.
As we reported on Tuesday, data protection supervisor Iain McDonald said ‘public trust and confidence in government’s ablility to manage personal data securely is eroded by such occurrences’.
The department originally wrongly claimed that a ‘weak password’ was to blame, but an investigation revealed that the card suppliers had disabled part of the password protection system during testing. The system was vulnerable for 26 hours.
Read more on IOM.
I feel like hashtagging the statement of their director of public transport, ‘There is no possibility of a future breach’, with #famouslastwords.