A large number of municipalities has on the internet login data for an extranet of the Council of State published. Via the extranet documents to the Council be sent. According to the Stainless steel itself is the potential for abuse ‘small’.
Through search engines can easily access data for a extranet of the Council of State to be found, writes Computerworld. The data are in letters written by the Council of State be sent, and that by dozens of public bodies, virtually all municipalities, by mistake are published on the web. With at least one published username and password could be logged in.
The extranet is used to documents to the Council of State to send. “The municipalities can, for example, zoning and beroepsschriften upload”, said Wendy van der Sluijs, a spokeswoman for the Council of State. “That a number of municipalities, the login data on the internet has published, is not so useful,” says Van der Sluijs.
According to Webwereld would be attackers with the credentials and current affairs at the Council of State can affect by itself the documents to upload. The potential for abuse is small, however, thinks the spokeswoman. “The password is not in itself enough to upload documents. There is also a key need,” says Van der Sluijs. “It is very unlikely that someone over both.” Van der Sluijs don’t know if the passwords that have been published, be withdrawn.
Update, 15:20: Spokeswoman Asha Khoenkhoen of the Association of Dutch Municipalities say they don’t know how many municipalities the login details have leaked. Khoenkhoen is also curious as to how the procedure for the disclosure of documents to look exactly. “On the one hand, communities need certain information to make public, on the other hand, you do want this kind of information is not public,” she says, which she suggests that municipalities may by a procedure unintentionally to be obliged to this kind of information to reveal.
