Government website leaks private information

Britons using government website data.gov.uk have been urged to change their passwords after private information was accidentally leaked to a "third party system".

According to a Government Digital Service (GDS) Spokesman, there is currently no evidence that suggests the data security breach has led to the misuse of any credentials, but urged users to reset their passwords as a "precautionary measure".

The spokesman added that the website's passwords are saved hashed, which means they have been purposefully scrambled so they cannot be accessed by cyber criminals. However, the government has suggested that anyone who uses the same password elsewhere should reset them as a safety precaution.

The leaks from the site, which is used to provide information on government service functions for research and development, were reportedly discovered as part of a routine inspection of cyber security.

As well as hashed passwords, user names and email addresses were also leaked during the data security breach, but only users who signed up to the service on or before 20 June 2015 are thought to have been affected.

Thankfully, there is currently no evidence of misuse of credentials. However, the breach was confirmed during the same week that the British Academy and Royal Society called for a change in governance and management of data in Britain to prevent such security breaches and boost public confidence in government services.

in a report entitled Data Management and Use: Governance in the 21st Century, it was revealed that the collection and management of data has created issues with understanding and defining the type of data that should be considered sensitive.

According to the report, while many government bodies are capable of meeting data security standards and coping with upcoming challenges, there are still a number of gaps that need to be addressed before the public will feel their data is safe.

Contact us

ISO 27001
ISO 9001 logo
ISO 20000 logo
Cyber Essentials logo
Internet Service Providers Association logo
Internet Telephony Service Providers Association logo
LINX logo
RIPE logo
AWS Partner Network logo
Microsoft Partner logo
Crown Commercial Service supplier logo