Slashdot Mirror

← Back to Stories (view on slashdot.org)

ISP Emails Customer Database To Thousands

Posted by samzenpus on from the give-me-a-list dept.

Barence writes "British ISP Demon Internet has mistakenly sent out a spreadsheet containing the personal details of more than 3,600 customers with one of its new ebills. The spreadsheet contains email addresses, telephone numbers and what appears to be usernames and passwords for the ebilling system. It was attached to an email explaining how to use the new system. Police forces and NHS trusts are among the email addresses listed in the database. A spokesman for Demon Internet confirmed that the company "was aware this happened this morning"."

1 of 259 comments (clear)

  1. They shouldn't even have the passwords by danlip · · Score: 5, Informative

    I can't believe this still happens. They shouldn't even be storing the passwords anywhere, even in their primary database, much less an Excel spreadsheet. Use a one was hash with salt, folks!

    Also "the company introduced a different ebilling system some months ago, but returned to paper billing following technical difficulties". Who hasn't managed to implement an ebilling system by 2009? Especially an ISP. They must be truly incompetent.