
Personal data of Dutch telecom providers poorly protected - nl5887
http://sijmen.ruwhof.net/weblog/608-personal-data-of-dutch-telecom-providers-extremely-poorly-protected-how-i-could-access-12-million-records
======
tinco
It would be very cool if the government could fine businesses for negligence
like this, and even better if they would reward those who report it, which
they could pay out of the fined amount of course. That way the reporter
doesn't have to deal with the stress of being threatened by a lawsuit, and the
company always knows the reported problem is something they have to respond to
seriously.

Right now there is only form of pressure on these companies: Selling phones
and subscriptions with as little overhead as possible, and they're all
struggling to do so.

It also is a bootstrapping problem, right now companies just don't know about
security best practices. It was probably some 16yr old store employee who
suggested they use google docs to sync their passwords in the first place. If
they new of a better way to do it I believe they would have, but there's no
incentive to figure that out. If good security practices were more commonplace
in all businesses then they wouldn't struggle so much with doing the right
thing.

------
vegasbrianc
Excellent article and reporting! I’m actually not surprised at all of such a
blatant security risk. This is something to be expected from a shared computer
on a retail floor with a few shifts a day using the same terminal. I’m
actually shocked that this was not exploited earlier.

------
hesselink
I wonder if what these companies are (not) doing is actually a crime under the
European personal data protection laws?

------
tremon
original site appears down for me. Wayback link:
[http://web.archive.org/web/20151208100120/http://sijmen.ruwh...](http://web.archive.org/web/20151208100120/http://sijmen.ruwhof.net/weblog/608-personal-
data-of-dutch-telecom-providers-extremely-poorly-protected-how-i-could-
access-12-million-records)

------
davedx
I just bought my new phone and subscription through those companies. Very
happy there are people like Sijmen out there fighting the good fight.

