Parenting website Mumsnet hit by data breach after glitch in software





A London-based parenting advice website Mumsnet has been hit by a data breach that allowed thousands of its users to see other's account personal information.

The company posted a notice on its website, it said the problem was first detected at  2pm on   5 February and the second time at 9am on 7 February. They have reported the matter to the UK's data protection authority, the Information Commissioner’s Office.

“During this time, any two users logging into their accounts at precisely the same time may have had their account info switched”, it said.

According to the company's website, around 46 users data were breached, but there was no record of password breach.

"You've every right to expect your Mumsnet account to be secure and private," wrote Ms. Justine Roberts, Mumsnet founder. "We are working urgently to discover exactly how this breach happened and to learn and improve our processes."

The data breach includes email addresses, account details, posting history, and personal message.

The breach was a result of a technical fault in the software. The company has now reversed the software update and has forced every user to again sign into their accounts in order to stop users lurking in someone's else account.

"We are working urgently to discover exactly how this breach happened and to learn and improve our processes," Ms. Roberts said.



from E Hacking News - Latest Hacker News and IT Security News http://bit.ly/2tqr5la

Comments