UK.gov leaves data dashboard users’ details on publicly accessible on a third-party system. Users are urge to reset their password.
Are you a user of the UK Government website UK.gov? Change your password now!
Users of the government’s data dashboard have been notified that their information was accidentally made public so they urge to change their passwords.
The news was reported by The Register after it has seen an email that confirmed that a file containing names, emails and hashed passwords for the data.gov.uk site was left publicly accessible on a third-party system.
According to the email, users registered on gov.uk on or before 20 June 2015 have been affected.
“A recent routine security review discovered a file containing some users’ names, emails and hashed passwords was publicly accessible on a third-party system,” reads the email from the Government Digital Service.
The Government Digital Service confirmed that it immediately adopted the necessary actions to remove data from the public domain. The GDS also reported the data breach to data protection watchdog Information Commissioner’s Office.
The UK Government suggests users reset their password for gov.uk and for any other website where they used the same login credentials.
“There is no evidence of misuse of anyone’s credentials,” states the email. “Resetting your password is purely a precautionary measure.”
The incident could have a severe impact on a large portion of Britons considering that the website Data.gov.uk was visited more than 200,000 times each month in 2017.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.