AA criticised over data issue

The BBC reports that the AA has been criticised over the way it has handled a data breach involving 13 gigabytes of data.

The data cache was viewable online for a few days in April, with the motoring organisation claiming that it contained no ‘sensitive’ information. However, a security researcher who analysed the leak said he found details including email addresses, names and parts of payment card numbers. He said it was a ‘very serious incident’ the AA needed to address.

A server ‘misconfiguration’ was blamed for giving access to two back-up files that contained information about orders for maps and other products from retailers and some customers.

The AA said it investigated, sampled the data and, because it was not sensitive and only accessed a few times, ended the investigation. The motoring group has started an independent inquiry into the breach and also told the UK’s Information Commissioner about it.

‘We take any data issues incredibly seriously and would like to reassure our AA Shop customers that their payment details have not been compromised,’ said Edmund King, president of the AA.