Data could have been exposed for over five months.
Merseyside taxi drivers have had their personal details accidentally disclosed.
According to media reports, the drivers’ full names and home addresses were published online, potentially for months, after a new Taxi Licensing computer system meant personal information of some of our taxi drivers could be viewed.
The visible information was potentially exposed for around five months, as the system went live in April and the data breach was discovered last Thursday September 5th.
Liverpool Echo has seen screen grabs and recordings taken from Sefton Council's licensing portal, and confirmed individuals names and addresses were visible. Furthermore, the search function not only allowed you to find the home address of drivers using their name, but a post code search of the first three digits e.g. L20 would reveal the full names and home addresses of all Sefton licensed drivers living in that area.
The spokesperson for Sefton Council added: “[We] would like to apologise to anyone affected by this. We are currently carrying out an urgent investigation with our provider to understand how this incident occurred and steps that need to be taken to prevent it happening again.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
