ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Emerging tech Toolkit

Powergen's lax security condemned

Graeme Wearden and Will Knight ZDNet.co.uk

Published: 19 Jul 2000 09:21 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

In what has been described as a gross breach of consumer confidence, consumer watchdogs condemned lax security at British utility service Powergen Wednesday, for exposing the credit details of over 7,000 customers on its Web site.

It is potentially one of the biggest online security scares to hit the UK.

The breach revealed names, addresses and credit card information of customers who have used Powergen's Web site to pay their bills. Powergen is understood not to have apologised to customers hit by the breach.

According to the Consumer Association over 7,000 of Powergen's 2.5 million UK customers have been affected by the security problem.

"It's a clear breach of security by a company that should be able to keep these things secure," said Alan Stevens, head of digital services at the watchdog. "It severely damages people's confidence [in e-commerce]."

Stevens calls for a urgent review of security and for an apology from Powergen.

A vague comment from a Powergen representative suggested the firm had yet to fully understand the nature of the breach. "Obviously we're very concerned about it. Apparently someone was able to get in and look at other people's credit card numbers."

Powergen claims the Web site is now secure and, although there is no evidence that any details have been used to perpetrate fraud, the police are investigating the situation. The utility company is advising customers who have paid through its Web site to cancel their credit cards.

The Data Protection Registrar is concerned about the situation. It confirms it has been contacted by at least one customer and describes the security problem as a gross breach of customer confidence.

"We would expect any data collector to provide adequate security," says compliance manger Lorraine Godkin. "This is a breach of a principle of the [Data Protection] act."

The breach was uncovered by one Powergen customer visiting the company's Web site on 7 July. A file containing customer information was temporarily exposed to external access, according to Powergen.

If you've been hit by this security breach, please contact Graeme Wearden or Will Knight.

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
75 out of 115 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Emerging tech


Company/Topic Alerts

Create a new alert from the list below:








Discussions

Tezzer Tezzer

Wot?

Saturday 30 August 2008, 12:04 AM

3 comments
Tezzer Tezzer

Ofcom to consider customer termination...

Saturday 30 August 2008, 12:03 AM

1 comment
roger andre roger andre

Double meaning that causes arguments

Friday 29 August 2008, 11:13 PM

35 comments
roger andre roger andre

Physiotherapy Gets Virtual

Friday 29 August 2008, 10:20 PM

4 comments

View All

Featured Talkback

While full medical records may be of (dubious) value at rear/base medical facilities, these could be provided much simpler by either physical disk or electronic transfer to an "in theatre" database for individuals posted in. That £80m (and it's associated running costs) could have been far better employed in resuscitating a disbanded infantry battalion or providing a big boost in equipment quality and quantity.

By: 1000215420

Read full story:
Photos: MoD unveils £80m IT health programme