Tech Watch | InfoWorld Staff » UK Dept. of Health admits data incident

April 27, 2007 | Comments: (0)

UK Dept. of Health admits data incident

TAGS: Security

The United Kingdom's Department of Health is apologizing publicly for an IT misstep that resulted in the exposure of hundreds of doctors' personal information online.

According to reports in the nation, including IDG's Computerworld UK affiliate, the British DHS mistakenly published an Excel spreadsheet bearing the affected individuals' details -- including their addresses, phone numbers, sexual orientation and previous convictions (yikes!) -- on an unsecured section of its Web site for several hours yesterday.

The incident comes just a month after the nation's DHS was forced to offer interviews to a number of doctors whose online submissions to the organization's Medical Training Application Service (MTAS) were mistakenly rejected.

DHS officials said that they were uncertain exactly how long the detail-laden Web site, first reported by the UK's Channel 4 News, was up-and-running online, but estimated that it was live for at least several hours.

One can only imagine what types of identity fraud schemes people could cook up with such targeted data. Not only do any potential identity thieves know quite a bit about their targets in general, but they also know that the medical professionals likely make enough money to have something worth stealing.

The DHS issued an apology statement that reads:

"We apologize to any applicants whose details have been improperly accessed. This is a very serious matter and is under investigation."

"This URL was made available to a strictly limited number of people making checks as part of the employment process. This information was never publicly available through the MTAS Web site and was only accessible for only a short period of time after details of the URL were leaked."

"The MTAS team fixed the problem as soon as it was brought to their attention."

Posted by Matt Hines on April 27, 2007 09:04 AM

RATE THIS ARTICLE: