Site exposes security risk

Poor communications between an event management company and an ISP may have exposed credit card details of some customers.

Most at risk are delegates to an upcoming Canberra conference organised for the government-funded industry association Software Engineering Australia (SEA).

Some delegates to the conference have been registering by credit card via a Web site hosted by Canberra ISP Netspeed for events company Einsteinandedison.

It appears the Web payment process set up for the event was not secure, according to both Einsteinandedison CEO Elizabeth Bomben and Netspeed MD Brian Morris. But neither accepts responsibility for the situation.

Bomben said problems first surfaced in April after Netspeed was engaged to host a secure site.

"We would go in and sometimes it said the digital certificate had expired and at other times nothing appeared."

Discussions failed to resolve the issue and her events company got phone calls from users complaining the site did not appear to be secured, she said.

Netspeed told her several weeks ago the certificate for its server had expired and would not be renewed because Netspeed was switching to a new server, she said.

Netspeed's Morris agreed the conference registration page was not being called in a secure fashion. However, the difficulty was due to Web registration forms not being put in a secure mode, he said.

"It is up to the Web page designer to tell a page to go into a secure mode. They [the events company] has somebody else doing its HTML, we are only providing [the company] a secure server to link to."

Susan Dart, SEA national chief executive officer, said she was aware of the situation and was taking steps to rectify it.

"This is not acceptable. We had thought everything was secure and it has been a bit of a shock to find security did not exist any more."

Perhaps ironically, the Canberra conference is focused on what things Australia's IT industry does best and how it can push forward.

Einsteinandedison's Bomben said registrations for the SEA conference have been open for several weeks. She estimated only handful of people have used credit cards on the site.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Pete Young

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?