I’m amazed that this hasn’t been picked up in the media yet, but this came through the door of a relation last week and to say she was shocked and worried is an understatement. I mean it looks like her personal data, including bank details may have been left in an unsecured location for God knows how long!!
The letter states that while they were working on their website a “file” containing personal details was inadvertently left in an unsecure location. They go on to say that while the file was not visible on the face of the website they cant guarantee 100% that the file wasn’t accessed by an unauthorised 3rd party.
While the letter itself is very apologetic and and goes to great pains to try and reassure the recipient that this breach has been investigated thoroughly and that measures are now in place to ensure the situation can not be repeated, it doesn’t state when this breach happened and how long the data was exposed to the world.
The fraud protection cover they offer by way of apology is akin to padlocking the stable door after the horse has bolted.
I’m going to look into this for her and my first port of call will be the data protection commissioner. Come to think of it im not sure what good contacting the DPC will do, given the fact that they had their own leak recently any action they take against Airtricity might smack of hypocrisy!
I can only imagine the phone conversation:
> Is that Kettel?
- Yes this is Kettel
> This is pot
> You’re Black
Download the full Airtricity Letter.