E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.		 LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


DE BEERS SECURITY HOLE REVEALS CUSTOMER INFORMATION

On the Web, diamonds can be a spammer's best friend

Source: CNET News

Posted on May 4, 2000

      About 35,000 customer email and home addresses were exposed on Adiamondisforever.com, an informational site about diamonds sponsored by De Beers, CNET News.com has learned. Chad Yoshikawa, a Bay area consultant, stumbled across the security hole April 3 while searching for his home address through a search engine. The results turned up more than he bargained for.

      A Web page he found, pulled from the De Beers-sponsored site, lists the names, phone numbers and home and email addresses of people registered with the site, along with his own. Yoshikawa, who said his wife entered a diamond contest through the site, contacted a site administrator immediately because "it didn't look like they were too on top of things because it was hard to find the privacy policy."

      Jim Greene, system administrator for hosting company Luminant, replied in the email to Yoshikawa: "We have investigated and fixed the problem with the site. This area is not active on the site any longer."

      The security breach resembles "data spills" from several Web sites. Last year, Butterball published the names and addresses of people who signed up to receive recipes via an online newsletter. Nissan Motor also exposed a list of more than 24,000 email addresses belonging to potential buyers last year.

      "This kind of occurrence is all too frequent. (But) the De Beers (breach) seems especially troublesome because it suggests access to high-net individuals," said Jason Catlett, president of Junkbusters, an online advocacy group.

      "Who knows how many people have noticed or downloaded the list before it came to the attention of the media." he added.

      Luminant's Greene said Yoshikawa and CNET News.com were the only ones to spot the file.

      "We have looked into the server logs and see no indications that anyone besides yourself and someone coming from CNET accessed the files," he wrote.

      Adiamondisforever.com, which launched in November 1996, is part of The Diamond Information Center, a marketing service for De Beers, one of the largest diamond producers and marketers in the world.

      The site's privacy policy stipulates that the company does not "make available the email addresses of those who access our site to other organizations or companies."



CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.