The problems withthe MTAS application system continue it seems. It appears that not only are applications available online for the world to see, but the message services that MTAS provide are so poorly designed that simply changing a URL will take you into other's peoples mailboxes, but it gets worse. There appears to be virtually zero authentication process, meaning that literally anyone on the Internet can read the personal mailboxes of doctors applying for jobs.
I don't know where to begin I really don't. The implications of this are truly astounding. If mailboxes are also exposed then it sounds like this service has been like it for some time. This doesn't seem like a brief lapse of security, this is a total and complete breakdown in design, quality assurance, acceptance testing, and basic security operating procedures. Frankly, a monkey could probably have done better. It would appear that MTAS have taken the site down completely now, and a good job too - they have even named their image "apology" but that probably isn't enough now.
At what point will Patricia Hewitt take the responsibility, get herself in to the House and do the honourable thing?