Saturday, April 1, 2000

Online firm's security blunder angers clients

By KATRINA NICHOLAS

One of Australia's largest online computer retailers has admitted to a serious security blunder, accidentally releasing the email addresses of more than 200 customers.

The security breach occurred on Thursday night when the ninemsn Internet shopping merchant Ozbuy.com, which sells computer hardware and software to retail and business clients, used a sample from its actual database rather than from a dummy database when holding a routine test email, causing several hundred customers' email addresses to be emailed to each other.

The slip-up comes just months after a similar security breach by online music retailer Sanity.com, which last December revealed the email addresses of more than 140 users of its service.

Ozbuy.com co-founder Mr Michael Glezerson, who put the mistake down to "human error", said except for email addresses, no personal details of customers had been released.

He said he had personally emailed all affected customers within two hours of being notified of the glitch.

But the chairman of the Internet activist group Electronic Frontiers Australia, Mr Kim Heitman, said Ozbuy's slip-up amounted to a serious breach of customers' privacy and it was "disingenuous" to say it was human error. "This is more than just carelessness - it's failure to observe basic privacy policy," he said.

The Federal Attorney-General, Mr Williams, said on Thursday that the new Privacy Amendment (Private Sector) Bill 2000 would be introduced to Parliament within the next fortnight.

http://www.smh.com.au/news/0004/01/pageone/pageone5.html

-- Martin Thompson (mthom1927@aol.com), March 31, 2000

Answers

200 email addresses released!

HORRIBLE

-- (doo@wop.com), March 31, 2000.