Web admins for Gisela Stuart MP inadvertently left password credentials for her site publically accessible up until Thursday.

The snafu, since corrected, was spotted by tech-savvy political blogger Dizzy Thinks when a (slightly mistyped) Google search turned up code instead of content. This revealed login details for the database behind the site.

Dizzy contacted site admins for the Edgbaston Labour MP who changed the passwords and purged the sensitive information. Admins at the Social Media Partnership explained that the rogue entry arose during a data migration, often the time when this type of snafu is liable to occur.

A full write-up of the incident can be found on Dizzy's blog here. ®

Related stories

• Labour forum leaks email addresses (9 February 2011)

  https://www.theregister.com/2011/02/09/london_forum_email_privacy_breach/

• Men far worse than women on password security (2 September 2009)

  https://www.theregister.com/2009/09/02/password_security_survey/

• Dutch news agency goof leaks VIP phone numbers (14 August 2009)

  https://www.theregister.com/2009/08/14/dutch_agency_exposes_contact_dbase/

• Vuln exposes eBay developer accounts (13 August 2009)

  https://www.theregister.com/2009/08/13/ebay_developer_passwords/

• WordPress bug resets admin password (12 August 2009)

  https://www.theregister.com/2009/08/12/wordpress_password_reset_bug/

• ICO finally gets new data protection penalty powers (23 July 2009)

  https://www.theregister.com/2009/07/23/ico_fines/

• Leaked memo says Conficker pwns Parliament (27 March 2009)

  https://www.theregister.com/2009/03/27/conficker_parliament_infection/

• DWP still sending out passwords and discs together (9 May 2008)

  https://www.theregister.com/2008/05/09/dwp_discs_passwords/