Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] Demon splurges details of 3, 600 customers in billing email

From: security curmudgeon (jerichoattrition.org)
Date: Wed Sep 23 2009 - 15:15:29 CDT


Demon splurges details of 3,600 customers in billing email
Passwords too

By John Oates
Posted in Enterprise Security, 23rd September 2009 10:30 GMT

Demon Internet sent thousands of business and government subscribers an
email this morning telling them all about a new e-billing system, and
tacked on details, including passwords, for 3,600 customers.

The email - supposedly from Simon Blackburn Demon's director of customer
service - has been sent to customers opting for e-billing. It includes a
guide to the new service along with user names and passwords.

But the email also has a .csv attachment with 3,681 customer records on
it. Entries include names, emails, telephone numbers and what looks very
like a user name and password.

There are records for New Scotland Yard and other police forces, Alder Hey
Children's Hospital and local councils.

Dataloss Mailing List (datalossdatalossdb.org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.