In the era of social networks, the line between personal and confidential data is gradually erased. Many people tell the whole World what and where they are doing at the moment with an accuracy of up to five meters, and this is not a concern to anyone.
But what if this and more confidential data is available to anyone without your knowledge?
How? The answer is simple as the very idea and convenience of the service called Internet banking. It is very convenient to control your account and know where money is spent from your credit card by reading the RSS feed in your favorite reader through a secure connection. Convenient and safe, but not always ...
This morning, having read all my Google Reader channels and having a little more free time, I decided to read “Recommended News”. Attention attracted the following entry in the tape:
Apparently Google decided that I would be interested in the channel to which my fellow countryman from Dnepropetrovsk subscribed. Everything would be fine if it were not a channel for invoicing a client of one of the popular Ukrainian banks.
Having opened the channel, I learned a lot about the client, for example:
FULL NAME. and residential address, because customer paid intercom services:
What domains he bought:
What computer, presumably, uses:
And also where and for how much I bought food, various goods, dined in restaurants, filled up cars and in what cities was the address of the terminals.
From the first entry dated 03/03/2010
, the reader conscientiously collected 115 accounts and showed them in the public domain.
I am a decent person, so I immediately contacted the Internet banking support service indicating the problem of accessing confidential data. About an hour, I spent on reporting problems due to problems with technical support chat. The operator persistently asked my contact details every time, but knowing about the long hands of this bank and fearing people in black who would come to me with the “forgetter”, he politely declined to answer, citing the lack of my connection with the client and Internet banking in general.
In the end, I got the answer that the problem was not theirs, but the client who added the RSS feed to the reader, thereby personally giving access to his accounts:
I brought only the end of the conversation, because Above said that there were problems with the chat - I was constantly knocked out of there.
The answer did not quite satisfy me. But what about bank secrecy, the protection of confidential information? Is it really so easy for a person to personally give public access to his accounts and in general to his life? Therefore, I decided to go directly to the client. It was not difficult to find him, since all the information about him was known to me. Calling him to work, I described the situation to him. From the conversation I realized that he simply added RSS from the bank account to the Google Reader account, without assuming that everything would turn out that way.
Thanking each other, we said goodbye to this.
The sense of accomplishment overwhelmed me, but today's events made me think seriously about the role of Google in our life, about credit cards and bank secrecy.
All three sides of this story are to some extent guilty, Google because by default it opens access to personal tapes, the bank - because it allows Google spiders to read the tape, and of course an inattentive client.
Be careful always and everywhere!