Northern Ireland website leaves front door open, spills users' data
No theft necessary, just search ...
The creators of this Irish website may be fluent in the language of the Emerald Isle, but they are distinctly unversed in computer security.
The Líofa (Fluent) website – a UK government project [PDF] – suffered not so much a data breach as a data giveaway. Users' personal information such as names, addresses, emails and phone numbers were published on the site and easily uncovered using the site's search function.
The website, launched in February as part of a campaign to encourage more people to learn Irish, has been shut down while "accredited IT security experts to establish the full extent of the website's vulnerabilities".
Northern Ireland culture minister, Carál Nί Chuilίn, has apologised for the fiasco. She said that there is "no evidence" that the information has been accessed or misused in any way and that it did not contain financial data.
However, some in NI see speaking Irish as part of the "republican agenda", so even having your name on the registered users list could constitute sensitive information. ®
Sponsored: Becoming a Pragmatic Security Leader