Feeds

Sun compo entrants' privates exposed in public

Hacker posts Pastebin pasting

Choosing a cloud hosting partner with confidence

Security lapses at News International have exposed the email addresses and other personal information of readers who entered competitions in The Sun, the UK's biggest selling daily newspaper.

The names, addresses, phone numbers and dates of birth of thousands of people were also exposed by the hack, reckoned to have probably taken place at the same time that The Sun's website was hacked last month to redirect surfers towards a fictitious story on the supposed death of media mogul Rupert Murdoch.

Some of the data, including applications for the Miss Scotland beauty contest, has already been posted online. Entrants to a Wrigleys football competition, an Xbox competition, details of royal wedding well-wishers, and information from a forum for bullied people was also uploaded to Pastebin, The Guardian reports.

The data was uploaded by an individual called Batteye, who praised the actions of Anonymous as a whole and LulzSec, the hacktivist sub-group that returned from semi-retirement to carry out the 19 July Sun redirection hack. His rationale for exposing the private data of individuals in order to get at News Corp can be found here.

News International, publishers of The Sun and the firm currently in the middle of an ongoing phone and (now) computer hacking scandal, is reportedly going to contact affected individuals directly. Meanwhile the firm has reported the breach to both the police and the Information Commissioner, the BBC reports.

Miscreants could use the stolen information to mount targeting phishing scams. Neither financial information or passwords were exposed by the breach. Even so, News International ought to have encrypted personal data it holds, according to security firms, who said that the newspaper publisher had fallen well short of best practice.

"What this incident illustrates yet again is that consumer brands that we entrust our personal details must take their responsibilities much more seriously," said Mike Smart, EMEA product and solutions director at SafeNet. "While News International acknowledges financial details are secure as you would expect, the loss of so much unencrypted soft social data on names, addresses, emails and dates of birth offers a delicious feast of possibilities for scammers and spear-phishers."

Smart added: "With how their brand and reputation for trust has been so severely shaken, investing in proven and workable countermeasures like encryption to protect their readers seems an obvious step for News International to take." ®

Beginner's guide to SSL certificates

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
US government fines Intel's Wind River over crypto exports
New emphasis on encryption as a weapon?
To Russia With Love: Snowden's pole-dancer girlfriend is living with him in Moscow
While the NSA is tapping your PC, he's tapping ... nevermind
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
Slap for SnapChat web app in SNAP mishap: '200,000' snaps sapped
This is what happens if you hand your username and password to a 3rd-party
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.