Feeds

Powergen wins whistleblower case

Chamberlain mulls appeal

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

A long-running civil trial between Powergen and a customer who highlighted a serious breach in consumer security more than four years ago has ended in victory for the utility firm.

Powergen sued whistle blower John Chamberlain for breach of confidence over allegations that Chamberlain failed to keep a promise to destroy customer data obtained from Powergen's site. After repeated adjournment the case concluded last month in Birmingham's Chancery Court with victory for Powergen. Damages (if any) and costs against Chamberlain are yet to be set.

A spokesman for E.ON, parent company of Powergen, told El Reg: "We've had the judgement in our favour. However the matter is ongoing and we don't want to comment further."

Without any legal aid, Leicester-based former IT consultant Chamberlain conducted his own legal defence in the case. He is considering appealing to the European Court of Human Rights over the lack of legal assistance afforded him in the case.

In a interview with The Register, Chamberlain said he is monitoring the progress of the "McLibel case". A pair of environmental campaigners who lost a libel action against McDonald's are taking their case to the European Court of Human Rights. They are suing the UK government over its refusal to grant legal aid in libel cases.

Transformer

Chamberlain said the Powergen case had affected his work and health. He has just started working again after being unable to work for two years. Despite the impact the case has had on his life, Chamberlain is determined to continue to fight the utility company.

The bad blood between Powergen and Chamberlain began after he found a serious security hole on its site in July 2000. Rather than thanking him for pointing out that customers' financial details were easily obtainable through simple URL manipulation, Powergen at first denied anything was wrong.

But after Silicon.com used credit card information supplied by Chamberlain to prove that there was a breach, Powergen upped the ante. It threatened to obtain an injunction against Silicon.com and branded Chamberlain a "hacker".

No cybercrime prosecution was ever brought against Chamberlain. He is highly critical of Powergen's initial denials as well as its subsequent aggressive legal stance. Powergen's breach of confidence lawsuit was prompted by the acrimonious fall-out from the security breach and its subsequent media coverage. There have also been accusations of intimidation on both sides and a series of domain name disputes, the latest of which was settled in May.

In an action initiated in January 2004, Chamberlain was involved in a domain name dispute over the site PoWergen.tv. This site was "registered in bad faith" and originally (for a time in October 2003) contained content critical of Powergen, according to Powergen's complaint. Arbitrators ruled in favour of Powergen and the domain was handed over to the utility in May 2004. ®

Related stories

Powergen sets legal attack dogs on security whistle-blower
Powergen vs whistle-blower case adjourned
Powergen awarded whistleblower's domain
PowerGen credit card security cock-up
PowerGen stems flow to bloody nose

3 Big data security analytics techniques

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.