Thursday, April 26, 2007

Doctors email accounts exposed to the world?

The problems withthe MTAS application system continue it seems. It appears that not only are applications available online for the world to see, but the message services that MTAS provide are so poorly designed that simply changing a URL will take you into other's peoples mailboxes, but it gets worse. There appears to be virtually zero authentication process, meaning that literally anyone on the Internet can read the personal mailboxes of doctors applying for jobs.

I don't know where to begin I really don't. The implications of this are truly astounding. If mailboxes are also exposed then it sounds like this service has been like it for some time. This doesn't seem like a brief lapse of security, this is a total and complete breakdown in design, quality assurance, acceptance testing, and basic security operating procedures. Frankly, a monkey could probably have done better. It would appear that MTAS have taken the site down completely now, and a good job too - they have even named their image "apology" but that probably isn't enough now.

At what point will Patricia Hewitt take the responsibility, get herself in to the House and do the honourable thing?

6 comments:

Flavious said...

"At what point will Patricia Hewitt take the responsibility, get herself in to the House and do the honourable thing?"

For crying out loud Dizzy, stop expecting these muppets to EVER take proper responsibility for these things, they will get their comeuppance come the next G.E., in the mean time keep digging up the dirt, and hopefully these clowns will prepare for political oblivion, because prepare or not that is where they are headed.

Anonymous said...

Has anyone found out just who is responsible for creating this system? It’s not another Bangalore botch job by any chance?

Anonymous said...

flavious - tend to agree with you - as long as the Health Service is spraying shit around on ministerial careers, the view from Tony Blair will be, let's not poison further 'clean skins'.

When the situation is improving they may sacrifice some junior ministers.

Only when the fan has stopped spraying the shit temporarily will she take a walk..

Absolute scandal...

SJK said...

this makes me a wee bit worried.
i work for a company who recently decided to do away with monthly payslips.
we would now find the info on line.
if you wanted a hard copy ,just take a print.
a few days ago the first online version of my payslip came thru.
i was a wee bit worried,not at the krap wage,i am used to that.
but more to the fact of all the info on that one page........

name
address
bank details
national insurance number
annual salary

i wondered,
i aint very technically minded,
but if somebody was ,and had the hacking ability,would i not be a siting duck for identity theft?

btw i am a civil servant.so it is a government site.so unlikely to be very robust,or accurate.

Garth Marenghi said...

well said,
I reckon even with a shot gun pressed up against her slimy gob Hewitt would still refuse to back down,
some people just have no shame, it's just dissappointing there's a whole party of them in power.

Fitaloon said...

It's all the Daily Mail's fault they run it!
MTAS..Method Consulting..Jobsite..Associated Newspapers..Daily Mail.