Good to see a media company copping some legal action for using hacked data to run stories

It’s good to see a media company copping some legal action for using hacked data to run stories: Quote:

Vector has applied for a High Court injunction to stop Stuff making further use of customer data leaked to the news site. It wants the files returned or destroyed.

Stuff tells NBR the files have been destroyed already, but Vector says it has heard nothing, and still has several issues with the way the publisher used the data (keep reading). End quote.

Yeah, destroyed after they’ve?had a good lash with news stories. Just like a certain fiction writer I am acquainted with. Quote:

On April 27, a member of the public tipped off Stuff that a security hole in the Vector Outage App meant some customers’ names, addresses and phone numbers could be seen by other customers.

The tipster also handed Stuff an unknown number of Vector customers’ details. End quote.

Tipster? I think they mean thief, hacker and criminal. Quote:

Vector corporate communications head Richard Llewellyn says his company has no issue with Stuff writing a story, and refusing to name its source. However, to protect its customers’ privacy, it wants the publisher to destroy or return the leaked files. End quote.

I have a problem with media organisations using stolen and hacked data. Quote:

On the same morning Stuff’s story appeared, Vector confirmed about 24,000 accounts were affected. It has informed the Privacy Commissioner and planned to contact each of the affected customers.

Mr Llewellyn said Vector knew of at least one of its customers affected by the breach ? broadcaster Jude Dobson ? who had been contacted by Stuff.

How many more names does Stuff have? Only Ms Dobson? A handful? All 24,000?

“We don?t know the extent of data it has beyond that, we have some views, but we are still investigating,” Mr Llewellyn says.

He adds, “In today?s world, with the recent privacy-related revelations about the likes of Facebook and the unauthorised use of personal information by third parties, we believe this is an issue that customers are increasingly aware of and concerned by.” End quote.

The media encourages hackers because they treat them with protection, kudos and deference. In some instances they fawn all over them. Quote:

Privacy Commissioner John Edwards says Vector looped him in before it took its action, and that he’s monitoring events.

“It is quite understandable for an agency to take steps to secure customer data that a third party is refusing to return or destroy,” he says.

Mr Edwards confirms that, as a media company, Stuff is exempt from the Privacy Act. End quote.

Really? Didn’t stop the Privacy Commission having a crack at me in the Human Rights Review Tribunal and, despite having an unchallenged High Court judgement confirming I am a journalist and Whaleoil is a media organisation, they went right ahead and put me through the ringer. Quote:

Stuff editorial director Mark Stevens says the leaked Vector customer files at the centre of a legal dispute have been destroyed.

He has not personally informed Vector of that fact.

The data was held only until we determined news-gathering activities on this story had finished,” Mr Stevens says.

“When I was comfortable with that, I ensured the file containing customer contact details ? which we received through a secure server ? was destroyed. End quote.

Oh, how good of them. They used the data until they assessed they couldn’t get any more revenue out of the story. What a bunch of dishonest pricks. Quote:

“We did not agree to demands from Vector to return material to it because that could obviously risk identifying our source.” End quote.

I think they mean criminal hacker, not source. Quote:

When informed by NBR that Mr Stevens said the leaked customer data had been destroyed, Vector’s Mr Llewellyn replied: “We haven?t heard from Stuff. In our last communication with it on this matter we were told by Stuff that it doesn’t ‘intend destroying or returning’ our customers’ data.”

He says, “We have now seen Stuff’s reported comments [in the initial version of this article] that it has destroyed the data. These reported comments are disappointing. We are confident Stuff could have destroyed or returned the data, as requested several times, without risking the source. And to be clear, at no stage did we ask them to disclose the information source. While we were made aware of a data vulnerability a few days before being contacted by Stuff, which is already being addressed, we were not aware of a data breach until being contacted by Stuff.” End quote.

So, Stuff couldn’t even be arsed talking to the victim of a crime… to let them know that they’d finished rinsing them and their own data was now destroyed… all, you know, so the source could be protected.