About me
Archive
About me

Quick work… Theatre Royal website fixed!

Less than four hours after I exclusively reported the Theatre Royal’s web oopsie, they’ve fixed it. A new email has gone out with a new, unique temporary password for each user.

Loophole closed, and an sjhoward.co.uk win!

This 1,413th post was filed under: Technology, , , .

Shocking web security fail by Theatre Royal Newcastle

Theatre Royal, Newcastle upon Tyne

Theatre Royal, Newcastle upon Tyne

The Theatre Royal in Newcastle (the Northern Home of the Royal Shakespeare Company) has a new website today, developed by Firechaser.

I don’t know about chasing a fire, but they may need to extinguish a virtual one soon.

The Theatre has emailed me to say that my details have been moved over to the new site, and I should login with my email address and the temporary password of “theatreroyal”.

Yes, logging in with my email address and that pisspoor non-unique standardised password will give you access to all of my personal data – including my phone number, address, and theatrical interests – plus the opportunity to change my password and lock me out of my own account. Or at least it would, if I hadn’t changed my password.

That is a clear and obvious breach of the Data Protection Act’s security requirements – plus, it’s frankly astounding that anyone thought it would be okay. Let’s hope they wise-up soon.

Photo by Stephen Douglas, used under licence

This 1,412th post was filed under: Technology, , , .


The content of this site is copyright protected by a Creative Commons License, with some rights reserved. All trademarks, images and logos remain the property of their respective owners. The accuracy of information on this site is in no way guaranteed. Opinions expressed are solely those of the author. No responsibility can be accepted for any loss or damage caused by reliance on the information provided by this site. This site uses cookies - click here for more information.