Feeds

Horrific moment curvy mum-of-none Mail Online spills everyone's data

'Once you go cyber, they got you by the short n curlies' - DM commentard

SANS - Survey on application security programs

Middle England will be shocked to discover that the Daily Mail's website, the world's most read online newspaper, has only gone and admitted to a shameful data security cock-up.

The publication - which is known for displaying loads of pictures of tits and ass online normally alongside an equal amount of outrage about tits and ass online - has alerted world+dog that there was an "URGENT problem" with its users' profiles.

(Mail Online has just celebrated unaudited record readership figures of 134 million unique browsers in July, but it's not exactly the online version of the right-wing Daily Mail as much of its racy content would never be published in the paper edition.)

The outlet's senior communities editor Tessa Meneux, who has the thankless task of wrangling Daily Mail commentards, breathlessly confessed at lunchtime today:

Hello

I've been frantically emailing readers this morning.

Last night we had a technical issue with our user profile and login service that resulted in a bug with the display of user profiles. When viewing your profile page users were presented with a copy of another user's profile page instead of their own. The issue is now resolved.

We take your privacy very seriously and we would like to reassure you that we have undertaken several rigorous tests to ensure that your data is secure. Other users were never able to see your password or other encrypted data, post comments on your behalf or make any changes to your profile.

Thank you for your patience and please accept our apologies for any inconvenience caused. If you have any further questions or concerns about this matter, please let us know.

At time of writing, however, it's unclear whether the newspaper had turned itself into the Information Commissioner's Office. Meneux certainly didn't suggest that the UK's data regulator had been made aware of the breach.

The Register has very kindly done the legwork for the Mail by passing on the details of the blunder to the ICO.

Meanwhile, some Mail Online readers appeared utterly disgusted with the security gaffe. Some peeps complained they were greeted with someone else's full name, date of birth and email address.

One user frothed: "That was a serious breach of security ... wish I had known I would never have joined this forum ... was there any compensation offered for the security breach? If not why not???"

Another, meanwhile, couldn't resist the opportunity to simply blame the internet:

Am truly disgusted by this news and it's another nail in the coffin of despicable things that happen all the time now. This strengthens my 'argument' for not going cyber ... once you are cyber, 'they' got you by the short n curlies.

We'll update this story if the Mail does furnish us with a statement. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.