Site exposes security risk

Poor communications between an event management company and an ISP may have exposed credit card details of some customers.

Most at risk are delegates to an upcoming Canberra conference organised for the government-funded industry association Software Engineering Australia (SEA).

Some delegates to the conference have been registering by credit card via a Web site hosted by Canberra ISP Netspeed for events company Einsteinandedison.

It appears the Web payment process set up for the event was not secure, according to both Einsteinandedison CEO Elizabeth Bomben and Netspeed MD Brian Morris. But neither accepts responsibility for the situation.

Bomben said problems first surfaced in April after Netspeed was engaged to host a secure site.

"We would go in and sometimes it said the digital certificate had expired and at other times nothing appeared."

Discussions failed to resolve the issue and her events company got phone calls from users complaining the site did not appear to be secured, she said.

Netspeed told her several weeks ago the certificate for its server had expired and would not be renewed because Netspeed was switching to a new server, she said.

Netspeed's Morris agreed the conference registration page was not being called in a secure fashion. However, the difficulty was due to Web registration forms not being put in a secure mode, he said.

"It is up to the Web page designer to tell a page to go into a secure mode. They [the events company] has somebody else doing its HTML, we are only providing [the company] a secure server to link to."

Susan Dart, SEA national chief executive officer, said she was aware of the situation and was taking steps to rectify it.

"This is not acceptable. We had thought everything was secure and it has been a bit of a shock to find security did not exist any more."

Perhaps ironically, the Canberra conference is focused on what things Australia's IT industry does best and how it can push forward.

Einsteinandedison's Bomben said registrations for the SEA conference have been open for several weeks. She estimated only handful of people have used credit cards on the site.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Pete Young

Computerworld
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?