Wednesday, April 16, 2008

Local Authority Publishes Employee Bank Details to the World Wide Web

The *********** County Council has published a Database containing the details of 44 of its employees, including bank account and sort code numbers, to the Internet. The timestamp of this database is 15 September 2003, which would indicate that this information may have been available on the Internet since that date.

Having validated that the Employees are or have been employed by the *********** County Council, it is reasonable to assume that the Bank Sort and Bank Account Numbers are also valid.

From this same computer it is also possible to download an Information Technology Inventory, which has been available since 28 October 2005 and contains the complete register and locations of all the Local Authority's Hardware and Software Assets.

A visitor can also download with impunity hundreds of other electronic documents, such as the ********* County Council's Annual Budget for the Financial Year ended 31 December 2007, as well as Local Authority Meeting Agendas and Minutes.

All of this information is generally available on the Internet and indexed by Search Engines such as Google, Yahoo, etc.

The website is not a website in the true sense. Rather, it is a web server presenting an open Directory Index of a Computer Server and its contents, which is used by the *********** County Council.
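An added example, not part of the original post: a check a site owner can run over response bodies fetched from their own server to recognise an auto-generated directory index of the kind described above and list what it exposes. The title patterns cover Apache, nginx and Python's `http.server`; the sample HTML, the file names and the extension list are constructed assumptions.

```python
import posixpath
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Assumption for illustration: extensions worth flagging in a public listing.
SENSITIVE_EXT = {".mdb", ".sql", ".csv", ".xls", ".bak", ".zip"}
# Page titles emitted by Apache mod_autoindex, nginx autoindex and http.server.
INDEX_TITLE = re.compile(r"^\s*(Index of /|Directory listing for )", re.I)

class _ListingParser(HTMLParser):
    """Collects the <title> text and every <a href> of one HTML page."""
    def __init__(self):
        super().__init__()
        self.in_title, self.title, self.hrefs = False, "", []

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self.in_title = True
        elif tag == "a" and dict(attrs).get("href"):
            self.hrefs.append(dict(attrs)["href"])

    def handle_endtag(self, tag):
        if tag == "title":
            self.in_title = False

    def handle_data(self, data):
        if self.in_title:
            self.title += data

def audit_listing(html):
    """Return (is_index, entries, sensitive) for one response body."""
    parser = _ListingParser()
    parser.feed(html)
    is_index = bool(INDEX_TITLE.search(parser.title))
    # Drop column-sort links (?C=N;O=D), parent-directory links and absolute URLs.
    entries = [unquote(h) for h in parser.hrefs
               if not h.startswith(("?", "/", "../")) and "://" not in h]
    sensitive = [e for e in entries
                 if posixpath.splitext(e)[1].lower() in SENSITIVE_EXT]
    return is_index, entries, sensitive

# Constructed samples (not taken from the server the post describes).
SAMPLE_INDEX = ('<html><head><title>Index of /files</title></head><body><pre>'
                '<a href="?C=N;O=D">Name</a> <a href="/">Parent Directory</a>\n'
                '<a href="payroll.mdb">payroll.mdb</a> <a href="minutes/">minutes/</a>\n'
                '<a href="it%20inventory.xls">it inventory.xls</a></pre></body></html>')
SAMPLE_PAGE = ('<html><head><title>Welcome</title></head><body>'
               '<a href="about.html">About</a></body></html>')
```

Where the check reports a listing, the generated index is switched off with `Options -Indexes` on Apache or `autoindex off;` on nginx.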

This information is available to download by anyone visiting this website, including parties who may not have the best of intentions and who could use it to defraud any of the employees listed in the database or to provide a fake identity.

This serious breach in security demonstrates that either the *********** County Council is blatantly disregarding normal Security measures, or that the *********** County Council has no real understanding of the technology it is using.

It is expected that this breach of security would be in contravention of the Data Protection Act 1988, and it is also exposing the Council's employees to the possibility of serious Fraud.

1 comment:

Anonymous said...

um... that forum is more or less disused. there wasn't much that happened with that society this year, so... yeah... no one uses it anyway