Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
United Kingdom Security

Childbirth Charity Hack Leaks 15,000 Expectant Parents Data (thestack.com) 73

An anonymous reader writes: A data breach has been uncovered at the UK's National Childbirth Trust, with over 15,000 new and expectant parents' details compromised. The charity "has apologized to its users and has informed them that their email addresses, usernames and an encrypted version of their passwords had been exposed in the data leak," according to The Stack. "It has assured members that no sensitive or financial information was accessed. The hack, which targeted the NCT's registration database, has since been reported to the police and the UK's data watchdog, the Information Commissioner's Office."
This discussion has been archived. No new comments can be posted.

Childbirth Charity Hack Leaks 15,000 Expectant Parents Data

Comments Filter:
  • by quenda ( 644621 ) on Saturday April 09, 2016 @10:57PM (#51877605)

    Webserver front-end was compromised, not the database. Not quite the Panama papers, is it? Non-news for nerds?

    • "Webserver front-end was compromised, not the database. Not quite the Panama papers, is it? Non-news for nerds?"

      Yeah, pretty much non-news for nerds. I highly doubt they will worry much about the childbirth part.

    • It is to be expected that the expectant parents and expected babies can expect to receive a lot of spam now.
  • by NadNad ( 550015 )

    For some, it wouldn't be the first time protection had been breached.

  • by darkitecture ( 627408 ) on Sunday April 10, 2016 @01:50AM (#51878085)
    The charity "has apologized to its users and has informed them that their email addresses, usernames and an encrypted version of their passwords had been exposed in the data leak," according to The Stack. "It has assured members that no sensitive or financial information was accessed."

    Dear groups, companies and corporations: Just because you think or say your users' email addresses and usernames are not considered sensitive information does not mean your users do not consider it sensitive information.

    Feel free to publicly post all the private email addresses and usernames you use on websites if you think it's not sensitive.
    • Also, anyone selling baby care products and a whole range of related home stuff would place huge value on a list like that. It's well known to marketers that new parenthood is a time when people are likely to change their shopping habits. Those email addresses are going to get deluged with spam.
    • by mwvdlee ( 775178 )

      What kind of encryption did they use for the passwords?
      If they did the minimal thing of a plain MD5, these passwords might as well have been unencrypted.

      Apart from the obvious use of these email addresses to spammers, the combination of a username and email address will probably let some people's email be abused for purposes beyond spamming. I.e. celebrities or political/business leaders.

  • by RenHoek ( 101570 ) on Sunday April 10, 2016 @03:41AM (#51878309) Homepage

    "no sensitive or financial information was accessed."

    I think the fact that the whole world now knows you are pregnant can in itself be considered 'sensitive' in some peoples cases.

  • A data breach has been uncovered at the UK's National Childbirth Trust, with over 15,000 new and expectant parents' details compromised

    So, what would the justifications be this time? Donald Trump's mistress exposed? Torture by MI6 proven? What?

  • When are we expecting a copy of the data to be posted?

  • Do exactly the same, but ten times as much every day.
  • seems these hacks and leaks happen almost every day now.
    I am convinced it can happen to ANY of us - any day.
    So we must develop a reslience against these inevitables leaks.

Never test for an error condition you don't know how to handle. -- Steinbach

Working...