Epic Fail in The Netherlands
Corona times are very interesting… but what if the times get TOO interesting, and turn out to have very unwanted side effects. That seems to be going on here in the Netherlands. Of course, people are currently undergoing massive testing, voluntarily or otherwise. That aside ... but if you let yourself be tested you can expect that people will at least treat your private data confidentially. And the latter turns out to be an illusion again.
Not so Confidential
Today it became known that GGD, THE organization that supervises all Corona tests, and where all private data of people end up in a large database, is not so confidential with the data of many Dutch people. In fact, at the moment a very lucrative trade is flourishing in the private data of many Dutch people, whereby names, residential addresses, but also citizen service numbers are just lying on the street and being sold!
What is going on here?
Private data of millions of Dutch people
An article via RTL news brought the news out. GGD is currently working with two main systems to store and keep their “Corona data”. Employees, who often work from home, must of course have access to this. It concerns systems for the patients, so a system for people who are known to be infected with Corona ... (how this sounds very condescending), and the second system is for so-called Source and Contact Research. It collects data from millions of other Dutch people. People who have been in contact with a person known to be infected with Corona. And well, that can be anyone.
Uhm not so safely locked up
That is all up to that point, but these systems contain very sensitive private information of millions of Dutch people, safely locked up. Well, saved. Because locked up turns out to be the wrong word. Where you might expect this information to be locked up, the opposite now appears to be true. And an illegal trade is currently being conducted on a large scale. The sensitive private information of millions of Dutch people is literally on the street. And that private confidential data is sold, just like that!
Citizen Service Numbers for sale
It is therefore possible that if you have ever had yourself tested at GGD that your data has now been resold. Besides the fact that it does not feel good if everyone can just see your private data, and therefore know your name, where you live, that you were infected with Corona, or were in contact with someone who turned out to be infected, your citizen service number is also on the street. With all this data in foreign hands (and it won't be the fairest of hands), you can easily become a victim of phishing and stalking. But that citizen service number… that is a very dangerous thing if it is resold. Because with this citizen service number it is very easy to commit “identity fraud”. Oops. Not so handy that this data is sold illegally on a large scale!
This was going on for months
What I found most shocking about this news was that apparently it is not something of today, but that this data has been sold for MONTHS through services like Telegram, Snapchat and Wickr, (the latter I had never heard of by the way) . Apparently it is very common to pay between 30 and 50 euros to someone and they then specifically look up the details of a specific person. For this small amount you will receive the home and email address, telephone and citizen service number. Gosh, easy earning for the people who have access to the data. But you would expect that GGD can immediately stop this. Well that turns out to be a bit more difficult. In my opinion this can really be called an EPIC FAIL, because they do not know who exactly has access to this data. Huh? What? Why don't they know?
How is this possible?
How can an organization such as GGD, which therefore has to deal with the private data of millions of Dutch people, not know who has access to this data? Isn't that completely ridiculous? Or am I the only one who finds this so ridiculous?
Suppose I had been tested, which luckily I did not, but then it could just have been that my private data had been resold. And that some criminal had run off with my social security number and changed my details at the tax authorities. That joke can cost someone quite a bit if another maliciously pretends to be you. And prove that it was not you if your citizen service number is attached to it.
Because names, telephone numbers, residential addresses etc are on the street, it is also quite easy to add 1 and 1 together ...
Payment via BITCOIN
Payment for this data was made via Bitcoin or a payment card Paysafecard. Hmmm, crypto once again gets a bad name because of this kind of jokes. RTL news had requested permission in advance from a number of them to test this persons, and in their tests they have in all cases received correct private data from the sellers. Shocking right?
GGD kept it silent
But if you think that GGD has honestly released this news itself… then again you are wrong. This news has been kept silent by the GGD, and they also indicated that they did not know. Knowing it, they immediately took further action. However, what those measures are is not stated.
Ah now the police cyber-team is investigating
After it became known, the police started an investigation with a so-called Cyber team, and two arrests were made. They do not rule out multiple arrests will follow. But what is two arrests on a large network.
If you ask me, you can give this a name, an EPIC FAIL that should cost them very dearly. I am curious about the continuation of this story and for the time being very happy that my data should not have been in these systems.
Posted Using LeoFinance Beta