Feeds

Oz DNA tester’s privacy shocker

Some people shouldn't be let near Web servers

  • alert
  • submit to reddit

Business security measures using SSL

In a facepalm, forehead-slap, hang-your-head-in-shame howler, South Australian DNA testing company Medvet has left its online customer accounts system open to being indexed by Google.

As reported by The Australian, the search engine’s crawlers have dutifully recorded customer invoices including addresses and, in some cases, names.

Medvet’s managing director is reportedly seeking information from the company’s software supplier, rather than staging a public hanging of whoever set up robots.txt on its Website.

Although the SA government-owned company is trying to take action, it seems at sixes and sevens about what to do, telling the Oz it would conduct a full “security vetting” of the system, but not mentioning whether or not it would get in touch with Google to ask whether the search results can be removed.

At the time of writing, The Register was able to confirm that the search results remained in the Google cache (below).

Redacted version of Google cache results for Medvet.

Even without names, the privacy breach is disturbingly creepy: "That's my address, but I didn't order a paternity test / drug test - who did and why?"

While no test results appear in the searches, the privacy breach is serious enough for Australia’s Privacy Commissioner Tim Pilgrim to launch an investigation.

According to The Australian, Medvet was first told of the privacy breach in April. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
SCREW YOU, Russia! NASA lobs $6.8bn at Boeing AND SpaceX to run space station taxis
Musk charging nearly half as much as Boeing for crew trips
PORTAL TO ELSEWHERE scried in small galaxy far, far away
Supermassive black hole dominates titchy star formation
Boffins say they've got Lithium batteries the wrong way around
Surprises at the nano-scale mean our ideas about how they charge could be all wrong
Edge Research Lab to tackle chilly LOHAN's final test flight
Our US allies to probe potential Vulture 2 servo freeze
Europe prepares to INVADE comet: Rosetta landing site chosen
No word yet on whether backup site is labelled 'K'
Cracked it - Vulture 2 power podule fires servos for 4 HOURS
Pixhawk avionics juice issue sorted, onwards to Spaceport America
City hidden beneath England's Stonehenge had HUMAN ABATTOIR. And a pub
Boozed-up ancients drank beer before tearing corpses apart
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.