Feeds

Tosh UK rewards competition hopefuls by exposing their privates

ICO slaps wrist after URL twiddling leaked personal info

Intelligent flash storage arrays

Toshiba Information Systems UK breached the Data Protection Act, the Information Commissioner's Office (ICO) has ruled.

The company published the personal details of 20 competition entrants on its website, which were compromised by a security gaffe, the watchdog growled.

"A security fault with the incremental numbering of the competition entrants registration URL created the potential for access to other customers' personal data for a two-month period," the regulator said.

The ICO was told about the privacy blunder in September. Names, addresses and dates of birth as well as contact information were exposed on the site after people registered for an online competition. The watchdog found that Toshiba had failed to put in place the correct measures to detect that a web design cock-up had been made by an unnamed third-party coder.

"It is vital that, as ever-increasing amounts of our personal information are collected online, companies have the necessary safeguards in place to keep this information secure," said ICO head of enforcement Stephen Eckersley.

"We are pleased that Toshiba Information Systems (UK) have committed to ensuring that any changes to applications on their website are thoroughly tested by both the developer and themselves, in order to keep the personal information they are collecting secure."

He warned: "We would urge other UK organisations with interactive websites to make sure they have suitable checks in place before collecting peoples’ details online."

Toshiba inked an undertaking [PDF] with the ICO to implement security measures to ensure that the personal data it handles are protected. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.