back to article Hands up if you didn't lose data in the Typeform breach

The list of organisations notifying customers that they're affected by the Typeform data breach continues to grow – and at least one victim has publicly claimed the breached backup data was unencrypted. Australian bakery chain Bakers Delight, “beyond banking” outfit Revolut, the Australian Republican Movement, data platform …

  1. Anonymous Coward
    Anonymous Coward

    Ocean Protocol: This is what writing in lawyered-corporateeze gets you I guess:

    'Ocean Protocol is an ecosystem for sharing data and associated services. It provides a tokenized service layer that EXPOSES DATA...'

    https://oceanprotocol.com/

    1. razorfishsl

      Re: Ocean Protocol: This is what writing in lawyered-corporateeze gets you I guess:

      https://blog.oceanprotocol.com/typeform-data-breach-faqs-11008736aaa9

      Seems that a massive amount of confidential data was gained

      " Information that the hackers downloaded includes email, birthdate, place of birth, ID number, nationality, wallet address, and for our US participants, SSN."

      but they are "sorry" so I guess that makes it ok then........

  2. Phil Kingston Silver badge

    Baker's Delight

    As a regular customer, I hope Baker's Dozen rise to the occasion. They won't want to be seen to be pounding the pudding. Yeast of all they doughn't want negative press - they'll end up looking a bit crepe.

    1. Anonymous Coward
      Anonymous Coward

      Re: Baker's Delight

      It is their bread and butter so they need to roll with it.

    2. Anne-Lise Pasch

      Re: Baker's Delight

      Dough!

  3. Dan 55 Silver badge

    GDPR

    Who's paying the fines for this, Typeform or the end businesses?

    1. Anonymous Coward
      Anonymous Coward

      Re: GDPR

      There is no GDPR issue unless it covers EU residents data; if it does, it is a shared penalty....

  4. Pascal Monett Silver badge
    Flame

    "the council will consider ending its relationship"

    You'd better not just consider it !

    I hope that there will be a massive move against this, to send a strong sign that we the public no longer tolerate this kind of gratuitious data-hoovering, but I doubt it. Tomorrow will likely be business as usual, right Talk Talk ?

  5. BebopWeBop Silver badge
    Holmes

    In Ocean Protocol's case, the attacker obtained “email, birthdate, place of birth, ID number, nationality, wallet address, scans of identity documents, proof of residence, proof of accreditation and for our US participants, SSN”.

    Why the f***k were Typeform holding this - let alone in an unencrypted form? Heads need to roll (they won't of course) with jail time and Typeform need to be driven out of business by their unhappy customers.

    1. JakeMS

      I agree, however I'm fairly certain it'll be brushed under the rug and forgotton about.

    2. Dan 55 Silver badge

      Looking at a comparison of survey software, it seems the only one which gets it is the one from Germany - on premises. All the rest are ripe for the picking.

    3. Mark 85 Silver badge

      It will all be forgotten after the latest breaches are released tomorrow by another company. No fines but a sternly worded note and possibly (but not likely) a slap on wrist with a very fluffy sponge (dry not wet). It's' a pity (almost*) that there's not some hungry lawyers around for class action suits. But that too won't happen.

      *Almost a pity because if it happens, well, lawyers.

  6. Westley

    I have heard recon lost a list of user names, but only user names used for competition entrys, (dont google reocn in work)

    1. Anonymous Coward
      Anonymous Coward

      Recon

      Usernames on recon are actually email addresses ... how trustworthy is your info Westley?

    2. Chris King Silver badge

      "(dont google reocn in work)"

      Let's just say that www.netsnmp.org (note the missing dash) used to deliver more in the way of flesh tones than you'd expect for a piece of open-source software.

      1. Chris King Silver badge
        Facepalm

        Re: "(dont google reocn in work)"

        "I said I wanted *bits* per second, Chris ! BITS !" Luckily, he didn't ask for NIBBLES per second...

  7. Aodhhan Bronze badge

    Welcome to...

    PaaS and SaaS cloud environmental risk.

    Too many professionals don't understand the increased risk, and don't have the experience to know where the data is and how well it's protected.

    ---then they find out (TOO LATE), the cloud provider has no responsibility or risk acceptance; it's all on them.

  8. Anonymous Coward
    Anonymous Coward

    Koru Kids

    I use childcare from korukids.co.uk, and great to find out they stored data with these <insert expletive>s. "Amongst the data which has been stolen:

    - Your name and email

    - Your home address

    - Your date of birth

    - Your National Insurance number

    - Your children's name and date of birth

    - The name of your children's school

    - The name and phone number of your children's emergency contact(s), and their relationship to your children"

    1. Alan Brown Silver badge

      Re: Koru Kids

      "Amongst the data which has been stolen:"

      Welcome to the real world. Take a number and join the queue.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019