Grange Hill TV firm's website exposes CV details
Flippin' 'eck Tucker!!!
Lime Pictures, the television production company behind teen dramas Hollyoaks and Grange Hill is currently displaying a prospective employee's personal details on its website.
A Reg reader spotted the error last Friday while browsing the job section of the Lime Pictures website after he clicked on a link that should have opened a blank online application form.
Instead, highly confidential information about a woman who had applied for the role of administration supervisor popped up on the screen (see here).
He immediately contacted Lime Pictures to alert them to the fact that "some poor soul's personal details" were fully viewable.
But the confidential details are still on display today.
On its job application forms, Lime Pictures states that "all information provided is stored on our internal database and will not be provided to any other organisation. The information provided will be used for recruitment and statistical purposes only and will be destroyed when no longer required".
In fact, data seems to be about as protected as the love-life of one of those identikit blonde Hollyoaks characters, as you can access the entire filled-in application of a Liverpool-based woman who has six GCSEs including a B in RE.
El Reg contacted the applicant to see how she felt about Lime Pictures' data protection cock-up.
She told us that she applied for the job around the middle of last week and that she was very concerned to discover this had happened. "With what happens now-a-days with identity fraud, it's really bad isn't it?" she said.
We also put a call into Lime Pictures' press spokeswoman Gemma Hayden to find out why the information hadn't been promptly removed, despite the fact the TV firm had been told about the problem last week.
But all we got was a cheery recorded message which said: "I'm now out on a shoot but will be back in the office on Friday."
We've left a message on Hayden's mobile too, but she is yet to return our call. ®
If only software engineering, even down to humble web (app) development, had the same sort of professional bodies and standards organisations associated with physical engineers (ok there is MCSE I guess). We could do with a software engineer's RIBA.
Granted having a bridge, building or dam collapse is worse than having a business application or website fail, but even so... the problem with IT, and especially the internet, is that there are no mandatory professional bodies to (attempt to) ensure the standard of the work undertaken. Too many people think that because they can use Dreamweaver that they're a web developer... and to make matters worse, many companies/individuals employing web designers/developers don't know the difference either and don't understand the difference, in the end result, between a £14k website and a £40k one.
I let the reg know about this..
I let the reg know about this, i was applying for another IT role, and alerted the person who's details where in there, and Lime Pictures & The Reg, and the hosting company of the website, and guess who responded the quickest?
It's a shocking oversight from whoever updated the site, don't blame IIS or MS, this is a terrible mistake to have been made, whoever published the page needs shooting.
Hope my eagle eyed vision gets me a job....
It's gone now
They've pulled it now - they have puit up a note stating "Due to technical difficulties we are not able to offer an on line application facility at the moment.
We are pleased, however, to be able to accept applications with a CV as an attachment to the following email address"
Anyone else notice that the application was for "Administration Supervisior"?
Microsoft, IIS, ASP --- Need we say more....