Omniquad rapped for data breach
Managed security services firm blasted by privacy watchdog after customer details leaked online
The publication of customer details online by managed security services provider Omniquad has been blamed on a glitch in its helpdesk software.
It is claimed that a vulnerability in the third-party software used by Omniquad to handle its helpdesk calls resulted in customer log-in details becoming available online.
Daniel Sobstel, managing director of Omniquad, said the system was taken offline within several minutes of the data breach being brought to his attention
last Monday.
“This is not a case of negligence on our part. We have acted quickly to fix the situation and notify any customers who may have been put at risk,” he said.
Sobstel claimed only a handful of customers would have been affected because “exploiting the data would have taken days”.
“The software has been in place for a few years and this is the first time we have had any kind of problem like this with it,” he added.
A spokesperson at personal data watchdog Privacy International (PI) said, as a network security specialist, Omniquad’s failure to safeguard its customers’ data was astonishing.
“Security and privacy should be at the core of everything they do and that includes carrying out security audits of all third-party software and services they offer,” said the spokesperson.
PI said it had reported the incident to The Information Commissioner.