BreachExchange mailing list archives
follow-up: Passport security breach repaired, official says
From: security curmudgeon <jericho () attrition org>
Date: Thu, 6 Dec 2007 10:50:02 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.theglobeandmail.com/servlet/story/RTGAM.20071205.wpassport05/BNStory/National/home By Kenyon Wallace Globe and Mail December 5, 2007 Passport Canada says that a security breach in its passport application website that allowed easy access to the personal information of applicants has been repaired. "We're definitely looking into how this happened, but right now, it's fixed," said Fabien Lengelle, a spokesman for Passport Canada. "We are very committed to security and we would like to reassure the Canadian public that passport online is a secure application." Mr. Lengelle added that the personal information of applicants is never stored online. However, an Ontario man applying online for a passport last Thursday discovered he could access personal information - such as social insurance numbers, birthdates and driver's licence numbers - of other applicants by altering one character in the Internet address displayed by his Web browser. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- follow-up: Passport security breach repaired, official says security curmudgeon (Dec 06)