New Zealand's Ministry of Social Development: Complete Privacy Failure

Keith Ng of Public Address revealed late Sunday night that New Zealand's Ministry of Social Development had catastrophically failed to protect the privacy of many of its clients, contractors, and debtors.

Among other pieces of information that should never have been publicly accessible, the first names, date of care, and costs of New Zealand's most vulnerable children in Care and Protection Homes were available to anyone who walked into a space open to the public and used a publicly available computer kiosk.

Last week, I got tipped-off that the parts of the MSD network were completely exposed to the public. You could go into any WINZ [Work and Income New Zealand] office and use their self-service kiosks to access their corporate network. This basically means you can grab any file that wasn't bolted down on the network, while standing in the middle of a WINZ office. And that's what I did.

Ng found, among other things:

"[F]ull names, hours worked, pay rates and pay details for all of MSD's contract workers"

"All of MSD's legal bills"

"Full names of candidates for adoptions, foster parents and Limited Services Volunteers (they have to get medical reports first). Others were for children in CYFS [Child, Youth and Family Services] care, with their full names and their chief complaint; some of these were for x-rays after injuries."

I sorted through 3500 invoices. This was about half of what I obtained, and what I obtained was about a quarter of what was accessible. There are probably more outrageous things still on that server, and there probably other servers that I've completely missed. But I'm done for now.

This stuff was all a few clicks away at any WINZ kiosk, anywhere in the country. The privacy breach is massive, and the safety of vulnerable children was put at risk.

Ng notified the Acting Privacy Comissioner and MSD several hours before breaking the story - deliberately on a Sunday - so that no one could make use of this information for their own purposes before the relevant authorities could shut down the kiosks. (Which he was informed has happened.)

I'm totally appalled by MSD's negligence. I expect heads are going to roll.

Project Bronte Report: WUTHERING HEIGHTS with BONUS UNSPOKEN THOUGHTS

Internets, I finally finished Wuthering Heights. It is a work of genius and I hate it.

Fortunately, while I powered through the last two hundred pages, I had my brand new copy of Unspoken, by my bud Sarah Rees Brennan, who has written an awesome Modern Gothic Romance trilogy. This livened up the Wuthering Heights reading immensely.

Now I hate Wuthering Heights, and I love Sarah and Unspoken both. I read Unspoken when it was a baby manuscript and I read Wuthering Heights as part of a New Year's Resolution. NEVERTHELESS, I am going to embark on a Objective* and Totally Unbiased* Comparative Review of these two Gothic novels.

I really recommend not reading this review unless you have read Unspoken, because I am going to spoil the heck out of everything. I think I reveal nearly every mystery the book holds, including the ending. You don't have to read Wuthering Heights first, though, you probably picked it up through cultural osmosis.

What Are The Plots?

SPOILERS SPOILERS I AM NOT KIDDING SPOILERS.

( Read more... )