London Marathon Suffers Massive Security Breach


According to BBC News, the home and e-mail addresses of all entrants to the London Marathon (approximately 38,000 people) were mistakenly made available on the marathon's official Web site.

"The runners' information was accidentally posted on the website under the section in which commemorative medals could be ordered," writes SecurityNewsDaily's Matt Liebowitz.

"Celebrities who took part in the race -- and whose personal details were presumably available for anyone to access -- include celebrity chef Gordon Ramsay, Shadow chancellor Ed Balls, pop singer Will Young, newsreader Sophie Raworth, and stars of TV shows such as Coronation Street and The Only Way is Essex," writes Sophos' Graham Cluley.

"The organizers were not aware of the problem until the BBC alerted them, after a television presenter was contacted by a member of the public who had found her home address," writes Computer Weekly's Karl Flinders. "Nick Bitel, CEO of the London Marathon, told the BBC: 'We immediately made sure the glitch was corrected.'"

"The error was rectified yesterday afternoon but it was not known for how long the data was available," writes The Independent's Kunal Dutta. "Last night, organizers tried to play down the incident which appeared to be a breach of the Data Protection Act and can amount to a civil or criminal offence."

"The Information Commissioner's Office said that it will be investigating the breach, telling The Inquirer, 'We're aware of a possible data breach involving the website of the organisers of the London Marathon. We will be investigating this, before deciding what action, if any, needs to be taken,'" writes The Inquirer's Carly Page.