Leak gave access to data 80 000 ‘friends’ Central Bureau for Genealogy




A large portion of the customer base of the Central Bureau for Genealogy, or the Center for Family History, was for anyone with basic knowledge of HTML accessible. The file contains information like bank account numbers of about 80,000 “friends of the MEB.

The database of the MEB consist of name and address data, bank account numbers, email addresses and comments on the payment behavior of current and former clients, such as who was regarded as a defaulter. The entire file appeared stored in plaintext. The data were simply for approaching each: the directory was listed in the robots.txt file, which allows search engines to specify what part of the site may not be indexed.

Tweakers pointed to the existence of the leak thanks to a tip from an anonymous whistleblower platform Publeaks. After the existence of the leak having been verified, the security issue has been reported to CBG. Within hours, the vulnerability is then closed. It is unknown how big the part of the customer base that the data was online, but according to the center itself is a ‘substantial part’.

According to Ruud Straatman, head of digital products at the service, the vulnerability was not in the ‘Friends database “may sit. The MEB is according to a statement to the service users a migration path to new servers, while the data on an old server would remain.

“The migration process was precisely motivated by the desire to manage data sustainably safe” according to the MEB. According to the MEB leak can not long exist. Not to determine whether this claim is correct. Straatman gives Tweakers against self contact with the Dutch Data Protection Authority to make a notification about the flaw in the processing of personal data.


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »