NZ government network leaking data like a sieve
A row has broken out in New Zealand after a blogger exposed serious security flaws in that country’s job-seeker network.
The blogger, Keith Ng, demonstrated that public job-seeker kiosks had unauthenticated access to the corporate network of the Ministry of Social Development (MND).
His posting raised concerns that attackers might have similar access to MND documents not only from kiosks, but from the Internet. The MND has shut down all kiosks while it investigates the incident, but has still been criticized by Paul Matthews, CEO of NZ’s Institute of IT Professionals, for a “systematic failure of IT security and governance”.