Bull blames human error as police records go on the Net

News

Bull blames human error as police records go on the Net

Bill Goodwin


Bill Goodwin

Computer services company Bull has blamed human error for a security flaw that left sensitive customer records available for viewing on the Web.

Confidential details about Bull's customers, including the French Police, the Russian tax police, and Barclays Bank were exposed by the error last week.

The flaw, in a database intended for use by Bull's customers, came to light after a French Web site published confidential files downloaded from Bull on the Internet.

Bull played down the error this week. It said in a statement, "We can confirm that, due to human error, on Thursday, 31 August 2000, certain pages of the Bull customer extranet were non-password protected."

Bull said the site contained no "highly confidential" information. However, some documents from the site are clearly marked as being confidential.

Security consultant, Kenneth De Spiegeleire, of Internet Security Services, said the case illustrates the perils of Web site design. "One of the problems is that people design security into a site afterwards," he said. "Very often a small mistake can make the whole system vulnerable."

Lawyer Steven Philippsohn advised companies that fall victim to Web site security breaches to inform their customers straight away to reduce potential claims for damages.

If they discover their records are compromised, customers should consider taking out injunctions against both the supplier and its ISP demanding an immediate fix, Philippsohn said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy