The last week has been rife with new stories of high profile data loss. The Barnet Council incident has induced fervour in the UK and in the US it has been revealed that 3.3 million students have been affected after a firm providing loans to students lost detailed personal information.
Federal student loans are handled by the Education Credit Management Corporation (ECMC) in the US and millions of its users have been exposed after data was stolen from its Minnesota headquarters last week.
As well as the names and addresses of the affected students, the thieves have been able to get hold of Social Security numbers and birth dates. The ECMC has confirmed that although the loss is significant, no bank details were leaked.
The investigation into the loss at the ECMC is ongoing and, as such, the media has been unable to obtain precise details about the incident. It is understood that at this time there is no indication that the data has been used inappropriately by any third parties.
In other data loss news, it emerged this week that the parent company that owns the Durex brand was unaware that one of its subsidiary’s websites was entirely unsecured, allowing anyone to access the personal information of its users without logging in.
The kohinoorpassion.com customer site contains the orders and personal information of thousands of customers and its owner TTK-LIG was only notified as to the serious security loophole after an inquisitive customer found out almost by accident.
The customer revealed that simply by entering a different order number into the site’s URL, it was possible to bypass login altogether, instantly giving anyone access to the affected customer’s order history, home address and other private information.
Security expert Amichai Shulman commented that he was amazed by the general complacency with which some businesses approach data protection. Mr Shulman pointed out that the increasing sophistication of hackers was not being adequately countered by firms and that basic security measures needed to be tightened across the board.
