10 Nov Corporate Regulator ASIC Compromises User Search History
The Australian Securities and Investments Commission (ASIC) was recently reported to have exposed user search records due to a flaw in its website.
The flaw, which was discovered by a businessman, allowed anyone to access the search history of individuals in ASIC’s online registry. A search link on a page in the website apparently led the user to another page which contained searches by individuals, including journalists from The Guardian and employees of private equity firms.
The businessman, who asked not to be named, said that he followed up with the regulator around 4 times, but the loophole still was not immediately addressed. The slow response prompted him to report the situation to The Guardian.
Source: The Guardian