How not to deal with a security vulnerability?
I was searching Google for a UK address I was interested in, and got one match. It was a file on a large UK educational institution’s website. My concern was aroused. The file had the extension .dat. I clicked the link in Google, but found that the file wasn’t available on the website. I googled the path to the file and found that there were more .dat files indexed in Google, one of which contained what appeared to be personal information and was still available via the institution’s website.
At this point, I e-mailed three members of the institution’s web team as well as their general e-mail address to inform them of my concerns. I asked them to reply to confirm they had received my e-mail. I got an out-of-office reply from one of the team, but nothing else. It has been three working days since I e-mailed them, and I am disappointed that my e-mail was not acknowledged. According to my website stats, someone at the institution in question googled me and viewed my sites, so they definitely read my e-mail.
UPDATE: My e-mail was acknowledged on 22nd March. According to the e-mail’s footer, I can’t disclose it without asking the permission of the sender, so I’ll be careful. The e-mail might say that they removed the confidential data from their site several months ago, but are having trouble getting Google to remove it from their cache, and that the directory in question is now secure.

March 21st, 2006 at 12:18 pm
It's frustrating when people bury their head in the sand. I have had similar situations where I reported security problems and was ignored, as if they didn't want to hear about them.