The front page of the National edition (though not the other widely circulated edition, the City Final) of the Evening Herald has the headline : “PRIVACY CHIEF CAUGHT OUT BY HACKER” and the subheading “SECURITY BREACH : Data Protection Commissioner left red-faced by blogger“. Fiona Dillon wrote the article, which continues on page 4.
It’s possibly one of the silliest things I’ve seen from the Irish press in relation to technology for a while, and that’s saying something. Below, you can see the relevant parts of the article. Now, what actually happened is set out here : the blogger in question simply linked to a document that was available on the website (though without a link from the relevant pages, i.e. news updates or reports or whatever). No hacking took place (at all). I understand that they have to sell newspapers but to allege hacking where it is clearly untrue is shoddy and sensationalist at best and perhaps even dangerous and unethical. Of course, I approve of teasing the Commissioner when something like this happens – but doing it in a way that blares about HACKING is totally uncalled for.
The comment attributed to the Commissioner is also clearly inaccurate – it is not (as he is reported to have said) about a report “on our web which was due to be put on our website this morning” – the report was on the website and this idea of “our web”, suggesting access to internal pages, is manifestly and demonstrably wrong. But at least that’s on an inside page.
Oh, and yes, they spelled embarrassing and Commissioner’s wrong. On the front page. Well done, Herald.
Also discussed on RTÉ, here.
Extract from front page:
THE office of the country’s privacy chief was at the centre of an embarrasing security breach today after a blogger hacked into its website.
Details of the Data Protection Commioners annual report were accessed and released by a blogger a day before the report was due for release.
The report for 2007 was only officially published at 11am today. But the details were already on the internet yesterday after a blogger found the report on the Commissioner’s website.
Data Commissioner Billy Hawkes acknowledged his office had fallen was victim to “a security breach” but played down the significance of it.
Extract from page 4:
The Data Protection Commissioner Billy Hawkes said today: “A very resourceful blogger has managed to access the copy of our Annual report on our web which was due to be put on our website this morning.
“It obviously was pre loaded, and thanks to his technological knowledge he was able to access the version that we pre loaded but didn’t intend to be in the public domain until 11am.
“So I think it’s a wonderful illustration for a Data Protection Commissioner whose about to launch an annual report warning about security that actually even our own office can be, as it were, be a victim of a security breach.”