29 Jul 2011

Russia hit with first big web-security scare

An information leak in Russia, in which private data - such as text messages, sales receipts from sex shops and government documents - has been turning up in web searches, Seeking Alpha reports. Shares of the Russian search engine involved, Yandex, took a minor hit following the news, the news source added.

Russian officials are scrambling to figure out what caused the compromise as Internet providers scramble to teach the country about Internet security. More than 80 retailers in the country are under investigation and may be prosecuted for failing to protect customer data, Russia’s telecommunications regulator told the Wall Street Journal.

Last week, mobile-phone company MegaFon made the text messages off limits to search engines and says it launched an internal investigation, according to news reports. In a statement, the company blamed a “technical malfunction,” the Moscow Times reported. However, when news of the compromise spread, many users sought other vulnerabilities elsewhere and were able to find personal data and sales receipts from businesses including online sex shops and travel agents, and documents from Russian government websites, the WSJ said.

A possible explanation for the lapse, offered by Google, is that information from web pages is only excluded from showing up in searches if a lock is used.