BACKGROUND:
It has been reported that personal information of customers of property website MyHome.ie was “inadvertently” leaked online, the company has confirmed. A large number of customer files which were uploaded onto the MyHome.ie “customer relationship management (CRM) system” from 2014 were also, “unbeknownst” to the company, “automatically stored in a temporary folder on the MyHome.ie server”.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>The report about the incident involving a leak of customers’ personal information at MyHome.ie stresses the term ‘inadvertent’ to describe it. Everybody understands the persistence of human error when people and IT systems interact, but when it affects the sensitive data of a company’s customer base, excuses don’t seem to soften the news. When we hear of careless handling of sensitive information, we begin to wonder just how secure our own data is within the many different data ecosystems housing and processing it. This is the point at which confidence in an organization becomes undermined—the moment something happens that could have been avoided. Data-centric security is becoming more commonly employed to protect data itself rather than perimeters around it or access to data. By tokenizing sensitive information, which replaces data best kept private with representational tokens, an organization can accomplish three things: the data remains safe no matter who intercepts it because data-centric security travels with the data; peoples’ private information remains safeguarded, thereby instilling confidence among the customer base; and the organization avoids fines, penalties, and other legal repercussions. That’s a win-win-win. When the solution is readily available, a mishap can hardly be qualified as inadvertent.</p>