Rather annoyingly, I received the letter below from the ABC informing me that one of their program websites had been hacked, and my details stolen.
It’s annoying on several levels, as I only vaguely recall the program, and don’t remember gaining any great benefit from registering for it. This model of harvesting viewer/reader/listener private data is becoming all too common, and does nothing for the end user. In fact there is a law of diminishing returns – the more you register with these 3rd party providers, the more likely something like this becomes. And when it does, who has to shoulder the hassle of fixing it… you!
It’s a concern to note that only after this incident did the ABC shut the website down. Why was it still up anyway, for a program that is over 2 years old – and just how long were they intending to hold onto my details and what were they doing with them?
It is of further concern that they state: “This breach happened at an overseas location”. Do they mean the attacker was overseas, or was my data – or both? IF my data was overseas, why the hell is that so?
This communication from the ABC leaves more questions unanswered than it resolves. The outcome is that now its clear I cannot trust the ABC to be responsible with my data, nor to be particularly helpful in giving me good information to protect myself. The warning should be heeded by all online users though, that in this age of constant requests to ‘register for further information/a free download/post questions-comments/enter a competition/or whatever, there is no such thing as a ‘free’ or ‘simple’ registration.
We are asked to register at sites like this because it benefits the site, not us. Our details are retained to prove readership numbers and obtain funding; our details are on-sold and/or amalgamated into global databases; our personal responses are analysed and used for marketing, and every set of registration details and responses we provide adds to the depth and detail of what other faceless people and corporation know about us.
When you see supposedly trustworthy brands like the ABC falling foul of this kind of attack it just goes to show how far they have gone as an organisation in selling out – to them our personal details are just another commodity to be traded or stashed away for some future exploitation.
Maybe the greatest irony is the motivation behind this attack – an online ‘protest action’ against the ABC giving interview airtime to the loony-right MP Geert Wilders. I personally completely agree that this idiot should not be given the time of day, but here we are with his name on yet another website – and blindly using my details as a protest against this is not really benefiting anyone.
Here is the full text of the ABC letter (funnily enough from email@example.com):
Dear ABC Audience Member,
This email is being sent to you from the Australian Broadcasting Corporation, and relates to the recent unauthorised access of some information linked to the ABC television program Making Australia Happy which aired in late 2010.
Overnight the ABC was made aware that the Making Australia Happy website has been hacked. Our records indicate that you registered with this website to interact with the program.
The investigation into this breach is ongoing. However, we do know that information that you used to register on the program website, such as email addresses and passwords, has been exposed.
As soon as the ABC was made aware of the breach, the Making Australia Happy website was shut down. However, if you have used the same information to register or use other sites (eg shared passwords) we strongly advise you review or change that information.
This breach happened at an overseas location and an activist has claimed responsibility.
The ABC sincerely apologises for the incident. Please be assured that the ABC is taking immediate action to contain the breach and review the safeguards in place. At this stage, the ABC believes this is an isolated incident and does not affect any other ABC services.
If you have any questions please take time to read the FAQ page .
If you have any further questions, please do not hesitate to contact us at this email address: firstname.lastname@example.org
Director ABC Corporate Affairs