corsasport.co.uk
 

Corsa Sport » Message Board » Off Day » Geek Day » Data Theft


New Topic

New Poll
  Subscribe | Add to Favourites

You are not logged in and may not post or reply to messages. Please log in or create a new account or mail us about fixing an existing one - register@corsasport.co.uk

There are also many more features available when you are logged in such as private messages, buddy list, location services, post search and more.


Author Data Theft
MikeLamb
Member

Registered: 23rd Sep 03
Location: Crowthorne Drives: Veccy SRI
User status: Offline
2nd Mar 06 at 18:58   View User's Profile U2U Member Reply With Quote

Got a question for you lot!

I run a forum with a mate, with approx 350 members. We both have admin rights to the server but I host it & pay for the hosting. We fell out last week and he decided to throw away years of trust by copying the database, deleting it and all backups off my server before setting the forum up somewhere else & emailing every member to tell them it had moved.

Its gutting to have been betrayed by a close friend of 5+ years, but rather than punching him in the face, I was wondering of theres anything that could potentailly be done legally?

I am very unlikely to do anything but if I get back to him with a load of legal babble (Ian!!) then I can at least scare him and give him that feeling wondering if hes going to get screwed over legally.

The issue of course is that I gave him access to the database, but the question is by giving him access did I give him permission to use all these peoples details in this way without my explicit permission? Or has he broken some data protection law there?


Any advice would be appreciated!



Cosmo
Member

Registered: 29th Mar 01
Location: Im the real one!
User status: Offline
2nd Mar 06 at 19:04   View User's Profile U2U Member Reply With Quote

Im not sure on the legal implications myself, but have heard of it happening in the past to someone I know so will see if I can get hold of them and ask what they did.

Its a lesson to not give people full access though, no matter how much you trust them!
MikeLamb
Member

Registered: 23rd Sep 03
Location: Crowthorne Drives: Veccy SRI
User status: Offline
2nd Mar 06 at 19:16   View User's Profile U2U Member Reply With Quote

Thanks Cosmo, yes very valuable lesson learned.

I just want to scare him enough into giving me the database back
James_DT
Member

Registered: 9th Apr 04
Location: Cambridgeshire
User status: Offline
2nd Mar 06 at 20:04   View User's Profile U2U Member Reply With Quote

You could argue that the data isn't being used for the purpose it was intended. But then again, it technically is as it's being used for the same forum.
Ian
Site Administrator

Avatar

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
3rd Mar 06 at 00:31   View Garage View User's Profile U2U Member Reply With Quote

Deleting data if you're not authorised to do so is illegal - Computer Misuse Act 1990

You would have to prove the authorisation though, as he did have admin rights. Not sure were being admin and being authorised to do whatever the hell you please stop and start tbh.

Plus its your stuff - you were paying. Might be construed as theft - intent to perminently deprive.

Not sure if there's a Data Protection Issue, only one thats springing to mind is the purpose principle as James said. Purpose is administering a forum, not facilitating a takeover.

Not sure tbh, its a complicated one.

As its free and usually worthwhile, give the Information Commissions Office helpline a call about the DP issues, see if they can suggest anything.

http://www.ico.gov.uk/eventual.aspx?pg=SR&cID=625
Kyle T
Premium Member

Avatar

Registered: 11th Sep 04
Location: Selby, North Yorkshire
User status: Offline
3rd Mar 06 at 01:36   View Garage View User's Profile U2U Member Reply With Quote

That what happened to sniffglue? We all use it at work for Ebay on the nightshift, but ill pass the message around for everyone to stop using it and find another proxy browser.

Hope you get it sorted.


Lotus Elise 111R

Impreza WRX STi
MikeLamb
Member

Registered: 23rd Sep 03
Location: Crowthorne Drives: Veccy SRI
User status: Offline
3rd Mar 06 at 08:58   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Kyle T
That what happened to sniffglue? We all use it at work for Ebay on the nightshift, but ill pass the message around for everyone to stop using it and find another proxy browser.

Hope you get it sorted.



I'll send you a link to the proxy if you get all your mates to sign onto sniffglue.co.uk and complain at "yK" -- hes the one who did it!
MikeLamb
Member

Registered: 23rd Sep 03
Location: Crowthorne Drives: Veccy SRI
User status: Offline
3rd Mar 06 at 08:59   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Ian
Deleting data if you're not authorised to do so is illegal - Computer Misuse Act 1990

You would have to prove the authorisation though, as he did have admin rights. Not sure were being admin and being authorised to do whatever the hell you please stop and start tbh.

Plus its your stuff - you were paying. Might be construed as theft - intent to perminently deprive.

Not sure if there's a Data Protection Issue, only one thats springing to mind is the purpose principle as James said. Purpose is administering a forum, not facilitating a takeover.

Not sure tbh, its a complicated one.

As its free and usually worthwhile, give the Information Commissions Office helpline a call about the DP issues, see if they can suggest anything.

http://www.ico.gov.uk/eventual.aspx?pg=SR&cID=625


Cheers Ian..

I dont know if it makes any difference but I never actually gave him access. I used the same credentials that were used on the previous server but I never gave him permission to use this one.
Ian
Site Administrator

Avatar

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
4th Mar 06 at 03:41   View Garage View User's Profile U2U Member Reply With Quote

So how did he come across those credentials?
Matt H
Member

Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
4th Mar 06 at 08:55   View User's Profile U2U Member Reply With Quote

Tim told me he plans to do the same with CS
Ian
Site Administrator

Avatar

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
4th Mar 06 at 13:49   View Garage View User's Profile U2U Member Reply With Quote

He knows I would leave him if he did.
MikeLamb
Member

Registered: 23rd Sep 03
Location: Crowthorne Drives: Veccy SRI
User status: Offline
4th Mar 06 at 19:31   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Ian
So how did he come across those credentials?



I moved it from one domain to another, i always use the domain as the login for the cp and one of several passwords. I used a password he knows I use, when I set it up so he could get access if needed. While I wouldnt have kept the password from him, I didn't give it to him.


Ian
Site Administrator

Avatar

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
4th Mar 06 at 19:42   View Garage View User's Profile U2U Member Reply With Quote

So basically the password was very weak indeed, but the access wasn't actually authorised?

Thats quite illegal.
MikeLamb
Member

Registered: 23rd Sep 03
Location: Crowthorne Drives: Veccy SRI
User status: Offline
4th Mar 06 at 19:46   View User's Profile U2U Member Reply With Quote

Exactly.

The password was weak is the respect that we both knew it on purpose, I set it when we were running it together.
Matt H
Member

Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
5th Mar 06 at 11:53   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Ian
He knows I would leave him if he did.




 
New Topic

New Poll

  Related Threads Author Forum Replies Views Last Post
mirrors getin done in bodyshop *MANY PICS * waynep General Chat 23 823
29th Jul 04 at 15:27
by Siberia
 
found a few pics of my car thought id let u have a look waynep General Chat 54 2177
25th Jan 05 at 17:18
by corsa-crazy
 
16" kosei sport alloys with tyres ! 56k beware . MANY PICS waynep Parts Offered 5 803
25th May 05 at 07:10
by corsa-crazy
 
Cheesy you lucky git!!! Nismo General Chat 46 2530
31st Oct 05 at 11:27
by Jambo
 
Writing a PHP forum from scratch James Geek Day 8 1017
2nd Nov 05 at 23:40
by Ian
 

Corsa Sport » Message Board » Off Day » Geek Day » Data Theft 29 database queries in 0.0181949 seconds