Mumsnet reports itself to regulator over information breach

The site ultimate had to file itself to the facts commissioner in 2018 after a row about trans rights on the discussion board escalated when a former worker published screenshots of posts that contained the IP addresses of the person who wrote them. Despite the reality that the guide changed into accidental at the part of the ex-worker, Mumsnet treated it as a records breach and handed the information directly to the ICO.

More seriously, in 2014, the website online found that an attacker becomes the use of a great computer virus referred to as “Heartbleed” to compromise an unknown variety of its 1. Five million user money owed. Mumsnet reset user passwords in response to the assault.


… we have a small favor to invite. This is The Guardian’s version for open, independent journalism: unfastened for people who can’t have the funds for it, supported by way of individuals who can. Readers’ assist powers our work, giving our reporting impact and safeguarding our critical editorial independence. This means the responsibility for protective impartial journalism is shared, empowering us all to bring about real trade around the world. Your guide gives Guardian newshounds the time, space and freedom to record with tenacity and rigor, to shed light where others gained. It emboldens us to challenge authority and query the status quo. We have chosen an technique that lets in us to hold our journalism available to all, no matter in which they stay or what they are able to have the funds for. This manner we will foster inclusivity, diversity, make the area for debate, inspire communication – so greater people, internationally, have to get entry to correct information with integrity at its coronary heart.

The Guardian is editorially impartial, meaning we set our personal agenda. Our journalism is loose from industrial bias and now not motivated by billionaire proprietors, politicians or shareholders. No one edits our editor. No one steers our opinion. This is vital as it allows us to give a voice to those less heard, task the effective and maintain them to account. It’s what makes us exceptional to such a lot of others inside the media, at a time while real, honest reporting is essential.

A botched improve to the software program the discussion board runs on meant that for 3 days if two users attempted to log in at the identical time, there has been the possibility that their debts would be switched. Each user turned into able to put up as the alternative, see their account details, and examine non-public messages.

The agency doesn’t recognize what number of user money owed have been affected but says that over the three days the bug became life, from Tuesday afternoon to Thursday morning, about four,000 users logged in. Of that, only 14 customers have suggested trouble.

Mumsnet founder Justine Roberts apologized to users in a put up, saying: “You’ve each proper to count on your Mumsnet account to be cozy and personal. We are working urgently to find out precisely how this breach befell and to learn and improve our strategies. We may also hold you know about what’s going on. We will of direction be reporting this incident to the data commissioner.”

Mumsnet confirmed to the Guardian that it has now self-noted the Information Commissioners Office, as it is legally required to do within the occasion of a statistics breach.

A botched improve to the software program the discussion board runs on supposed that for 3 days if two customers tried to log in on the identical time, there has been the possibility that their money owed could be switched. Each user turned into capable of put up as the alternative, see their account info, and read personal messages.

The business enterprise doesn’t understand how many consumer money owed were affected, however, says that over the three days the malicious program turned into life, from Tuesday afternoon to Thursday morning, about four,000 users logged in. Of that, simplest 14 users have pronounced an difficulty.

Mumsnet founder Justine Roberts apologized to users in a put up, pronouncing: “You’ve each right to anticipate your Mumsnet account to be relaxed and private. We are operating urgently to find out exactly how this breach befell and to study and enhance our tactics. We may even preserve you knowledgeable about what is happening. We will of direction be reporting this incident to the facts commissioner.”

Mumsnet confirmed to the Guardian that it has now self-mentioned the Information Commissioners Office, as it’s miles legally required to do within the occasion of a facts breach.

Roberts emphasized that passwords had been no longer exposed in the breach, and reassured worried customers: “You do now not need to do something. We have reversed the alternate that induced the problem. We are investigating which bills have been affected – we don’t suppose it’s many and we will touch you if we suppose it is yours.”

The website online last had to document itself to the records commissioner in 2018, after a row about trans rights on the discussion board escalated when a former employee published screenshots of posts that contained the IP addresses of the user who wrote them. Despite the truth that the publication turned into accidental on the part of the ex-worker, Mumsnet dealt with it as a records breach and exceeded the details directly to the ICO.

Share