Quick thinking security consultant Secarma saves charity data loss


Quick thinking security consultant Secarma saves charity data loss

Cliff Saran

Hypoparathyroidism charity HPTH UK avoided a big fine from the information commissioner thanks to quick thing from security consultant Secarma.

The charity experienced a SQL Injection attack on a Linux server, which resulted in the personal details of more than 1,000 sufferers of the life-threatening illness, stored by HPTH UK, being published on infamous hacker website PasteBin.


One of Secarma's experts saw the data dump on PasteBin, alerted the charity and worked with web developers to identify the vulnerability. Secarma also removed the data from PasteBin and all Google searches related to it and contacted the police.

Liz Glenister, CEO HPTH UK : “We feel that the recent decision from ICO not to take action is down to Secarma's early intervention and willingness to share their knowledge so freely for which we shall be ever grateful.”

Secarma found a vulnerability within the forum software that the charity was using. The vulnerability was patched and the forum software was updated. Secarma also ran a penetration tested to ensure the security holes were fixed.

Lawrence Jones, CEO of Secarma’s parent company UKFast said:  “Hackers are unscrupulous and if they can steal your data, they will. It doesn’t have to cost a lot of money or take a lot of time, simple measures like strong passwords and regular testing can ensure that you won’t be easy pickings for hackers, nor fall foul of the ICO and the Data Protection Act. “

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy