Jump to content
ali2992

Personal Details Leak - Members Information

Recommended Posts

Hi,

 

My personal details (as well as a substantial portion of other members) are being hosted on someone's personal website - this website has been indexed by google and as such my email, address and mobile number are publicly accessible!! I am assuming this is the website of a member here?

 

http://tonyrichey.com/guest/Alan/Tiger/RHOCar%20Members.pdf

 

First of all, who thought that this was ever a good idea?! I am failing to see any reason why such a list would be hosted the way it is. Even if there were a legitimate need for this to be done then it needs to be behind some sort of authentication and certainly not accessible to web crawlers.

 

I'd also like to know how this information was retrieved in the first place, if the member is not a forum admin then how did they get this data, and if they are an admin then why are they hosting this information?

 

Does anyone know who this member is so I can contact them to get this removed asap

Share this post


Link to post
Share on other sites

looking into it

Share this post


Link to post
Share on other sites

Sorry about that, all my fault. That is my brothers server and I use part of it for an off-site backup of my personal files. And unfortunately that included a copy of of the members list. All removed now.

 

Wrist duly smacked.

 

Al

Share this post


Link to post
Share on other sites

I'd like to see answers to those questions too, Richard.

I take my privacy seriously, mostly because I have an ex-son-in-law who I want to keep

at (a long) arms length.

This is a clear breach of DP law.

I did not sign up to have my personal details available to the general public.

If Alan could access, copy & distribute this data, what else has been disclosed?

Edited by Bob Tucker
  • Like 1

Share this post


Link to post
Share on other sites

I presume it’s an old copy of the members list compiled in pdf format that used to be made available to the Area Secretaries. These used to be posted in the Area Sec’s section of the forum by the Membership Sec but to my knowledge, these haven’t been posted since April 2015.

 

The pdf would contain names, addresses and contact details – the same as the local members lists that were sent out with the membership packs but is a complete list of paid up members not a local area list. Alastair isn’t currently a club member but obviously was prior to April 2015 which is why his details were included.

Share this post


Link to post
Share on other sites

Richard is correct, and once again I apologise. Four years ago, as an Area Secretary, I asked for a copy of the members list so I could see who I had in Lincolnshire. As it happened I was given a full copy of the membership list by the Membership Secretary at the time, as a PDF file. And as I have already explained that was incorrectly backed up to an off-site server. I have now deleted all copies of the file.

Edited by alanrichey
  • Like 2

Share this post


Link to post
Share on other sites

Alan has addressed the immediate issue by removing the file copy but obviously this is still a concern that needs to be discussed by the committee. I’m not 100% up to speed with the requirements of GDPR but if we report this as a breach (which I’m inclined to think we should), we have 72 hours to do so.

 

I will start to look in to this later this afternoon.

Share this post


Link to post
Share on other sites

And obviously I am prepared to offer my resignation from the Club and the post of Area Secretary.

Share this post


Link to post
Share on other sites

GDPR has been seen as a big problem in a lot of car clubs, but this example illustrates why it is so important. Although the file is now deleted, no one knows who might have accessed it and downloaded it, once it's been in the public domain the club loses complete control of the data.

 

The link to the ICO page is very helpful and no doubt the committee will review the matter in accordance with the guidelines and decide urgently whether it needs to be reported.

 

(Sorry, almost a duplicate of the post above...)

Edited by emptyat
  • Like 2

Share this post


Link to post
Share on other sites

If my details were on that leak i.m personally not bothered ! As for Allan offering to resign that is also in my opinion not appropriate, this club is in enough of a decline without losing active area secs!

Learn from it and move on...

 

I think 5 lashings and 10 hail Mary's suitable punishment...

Edited by DanE
  • Like 8

Share this post


Link to post
Share on other sites

It's a genuine and honest mistake made by Alan - we're all only human after all!

Alan has supported the club a great deal over the years and acted quickly as soon as this was brought to light.

 

Whilst I appreciate all this GDPR thing going off at the minute, please let us not blow this out of all proportion and loose a fantastic area sec!!

  • Like 7

Share this post


Link to post
Share on other sites

This was just a simple mistake just. Hope my name was on the list and it is flying round the internet being published on servers world wide, that will help promote the business website.

  • Like 4

Share this post


Link to post
Share on other sites

sorry Alan once an area sec always an area sec you aint gettin out of it that easy you do to good a job

  • Like 1

Share this post


Link to post
Share on other sites

Everest Windows have all members details they were sold these on 1/4/2015 so they could market a new double glazed windscreen for winter motoring.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×