Advertisement

Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now
Thursday 28 September 2023 Dublin: 12°C
Shutterstock/Thomas Andreas File photo of a woman using a laptop
# Data Breach
Personal data of MyHome.ie customers 'inadvertently' leaked online
The Data Protection Commissioner has been notified.
34.3k
17
May 19th 2021, 9:38 AM

PERSONAL INFORMATION OF customers of property website MyHome.ie was “inadvertently” leaked online, the company has confirmed.

A large number of customer files which were uploaded onto the MyHome.ie “customer relationship management (CRM) system” from 2014 were also, “unbeknownst” to the company, “automatically stored in a temporary folder on the MyHome.ie server”.

This folder was “inadvertently unsecured”, a spokesperson has confirmed. They added that the company has taken steps to rectify the issue by “removing and securing the relevant folder”.

The company has also notified the Data Protection Commissioner (DPC) and people who have used the CRM system since 2014.

The Journal has learned that the breach was discovered by tech company Vadix. During a recent review of publicly available cloud storage, Vadix discovered a large amount of files they believed belonged to MyHome.ie customers.

A spokesperson for Vadix said that over 700,000 documents dating from 2014 to 2017 were stored in the folder, including some passports, drivers’ licenses and compliance-related forms.

Vadix contacted MyHome.ie on 15 and 19 April about the Azure storage issue but did not receive a response, the spokesperson said.

When contacted by The Journal yesterday, MyHome.ie said it had rectified the issue earlier that day and contacted Vadix.

In a statement, a spokesperson for the company said: “There is no evidence to suggest that the data stored on this folder was accessed at any stage before this matter was brought to our attention. However, we do understand that an as yet unspecified number of these files included personal data.”

The spokesperson could not confirm the number of files in the folder, but confirmed that it was created in 2014.

The Journal has contacted the DPC for comment.

Note: Journal Media Ltd has shareholders in common with Daft.ie publisher Distilled Media Group.

Making a difference

A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

For the price of one cup of coffee each week you can make sure we can keep reliable, meaningful news open to everyone regardless of their ability to pay.

Support us Learn More

Author
Órla Ryan
orla@thejournal.ie
@orlaryan
Send Tip or Correction
Read Next
More Stories
Related Tags
Your Voice
Readers Comments
17
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel