RSS Alerts

Related Links

  • Parcelforce
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Someone’s got to pay
    Consumers are increasingly trading the high street for the home computer, and in both cases getting more than they bargained for. Rob Stringer investigates the fraud and fuzzy legislation of retail security
  • Comment: How to stay mobile whilst keeping sensitive data safe
    Press coverage is, on the whole, to be welcomed; however negative publicity hurts your brand and image and does not help win hearts, minds and new customers. So why do so many companies actively court this by being so poor when it comes to handling sensitive data?
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • First arrests in Heartland Payment Systems data breach
    The first arrests in connection with the recently disclosed breach at Heartland Payment Systems have been made in Florida.
  • T-Mobile confesses guilt over customer data theft
    In what some communication security experts are calling a classic data theft resulting from one or more rogue employees, T-Mobile has admitted its staff sold private details of customers to a third party for use when selling mobile phone deals.

News

Parcelforce customer data revealed

22 June 2009

Parcelforce customers' names addresses and postcodes were available online after a system related to the company's mail tracker service failed.

Parcelforcehas now rectified the problem and apologised to customers.

A BBC investigation revealed that when some customers entered their unique reference number for tracking a delivery, they gained access to other people's delivery details.

The BBC reported that in a period of 30 minutes,the system revealed details of parcels destined fora wide range of locations, including Cleveland, Swansea and Shanghai.

Name, postcode and signature details would allow fraudsters to steal someone's identity. The data breach breaks rules set by the Information Commissioner's Office (ICO).

A spokesperson for the ICO said,"Any organisation which processes personal information must ensure that adequate safeguards are in place to keep that information secure. This is an important principle of the Data Protection Act. Failure to protect personal details such as names, addresses and signatures could lead to information falling into the wrong hands and ultimately the loss of customers' trust and confidence."

The ICO said it will contactParcelforce"to establish how this security breach occurred and to find out what steps it will be taking to ensure that such a breach cannot happen again."

Parcelforce said the problem hadbeen rectified and the service was back to normal last night. It also apologised.

This news item first appeared on Computer Weekly's website: http://www.computerweekly.com/Articles/2009/06/19/236513/parcelforce-customer-data-revealed.htm

 

This article is featured in:
Data Loss Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water