News Section Logo NEWS - Return to news section

 

French "Three Strikes" Monitoring Firm Hacked

Posted by: , 16:07 AEST, Wed May 18, 2011

Permanent Link     Add Comments
A company that is responsible for collecting user data for France's "three-strikes" system has had one of its servers breached due to lax security

A firm responsible for managing France's "Three Strikes" anti-piracy program has had one of its servers accessed due to poor security, with the possibility that personal data has been stolen.

The firm, Trident Media Guard (TMG), has tried to downplay the incident saying that they believe "no personal data was disclosed", as the "hacked" server was merely a test server.

TMG helps the French government monitor P2P networks to collect user data, including IP addresses, for use in sending warnings to downloaders, and cutting off their Internet access if they do not heed the warning, the so called "graduated response". 

Even if personal data of the thousands of people TMG has collected information on, as part of the government's program to catch online pirates, was not accessed, the test server did yield a treasure trove of information, including scripts and clients used by TMG to collect data, as well as IP addresses used to create fake peers (addresses that, if known, can be blocked and thus prevent TMG from continuing to monitor P2P traffic).

The security breach was discovered by security researcher Olivier Laurelli, who uses the nick Bluetouff online. He discovered that due to lax security on the test server, which allowed contents on the server to be viewed with little trouble. The most worrying inclusion appears to be passwords that TMG uses.

Do you think private companies tasked with handling sensitive personal data for the government should be held to a higher standard when it comes to security and privacy issues? Post your comment in this news article's comments section, or in this forum thread:

http://forum.digital-digest.com/showthread.php?t=94865


Comments:

Related News:

News Icon PSN Hack: Hacker Accesses Personal Information, Credit Card Details Possibly Stolen

posted by: Sean F, 11:55 AEST, Wed April 27, 2011

News Icon Notorious UK Anti-Piracy Law Firm, ACS:Law, Calls It Quits?

posted by: Sean F, 14:22 AEDT, Wed January 26, 2011

News Icon Sony: 25 Million More Account Information Stolen

posted by: Sean F, 13:47 AEST, Tue May 3, 2011

News Icon PSN Hacker Attempts To Sell Stolen Data, Including Credit Card Numbers

posted by: Sean F, 15:33 AEST, Sat April 30, 2011

News Icon Fighting Around The World, Piracy Edition

posted by: Sean F, 18:12 AEST, Tue April 12, 2011