By Stevie Smith Dec 20, 2007, 11:05 GMT
Sensitive details relating to Canadian small businesses have been left exposed by a recent glitch in the Canada Post business shipping Web site, reports the Globe and Mail. Information uncovered by the security error related to failed log-in attempts and incorrect combinations of usernames and passwords.
Canada Post Web glitch exposes small business details. Credit: Marketwire.
The cause of the security lapse responsible for potentially compromising certain business shipping records is yet to be isolated, commented Canada Post spokesman Francois Legault. The spokesman also outlined that any revealed usernames and passwords uncovered by the glitch were "out of date," that there is no threat to Canada Post customers, and that the problem has already been addressed.
Mr. Legault also noted that finding and eliminating all cached daily files relating to the security breach is all-but impossible, but that any such files would soon expire and that any user details contained therein could not be utilised by those looking to gather information for the purposes of ID theft.
However, that’s not a view shared by Michael Geist, a law professor based at the University of Ottawa, who offers that even records of failed log-ins and incorrect usernames and password combinations could prove to be a rich vein of possible revenue for members of the online criminal fraternity.
Geist notes that online users generally apply "the same username and the same password across multiple websites," and that persistent Internet criminals could well attempt to build on the Canada Post information in order to "try to crack into someone else’s online banking or e-mail accounts."
The breach was initially discovered by a small business owner based in Vancouver who commented to the Globe and Mail that he was "absolutely shocked" to find such sensitive information available in the public domain.
Your Talkback on this Story