Personal Privacy

Software Error in Tax Portal Revealed Private Data of 1.3 Million Dutch Citizens

The Infinite Brief
A software error in Denmark’s government tax portal has accidentally exposed the personal identification (CPR) numbers for 1.26 million Danish citizens.

The error lasted for five years (between February 2, 2015, and January 24, 2020) before it was discovered.

The software error and the subsequent leak was discovered following an audit by the Danish Agency for Development and Simplification (Udviklings-og Forenklingsstyrelsen, or UFST).

Government officials said the country’s tax portal contained a software bug that every time a user updated account details in the portal’s settings section, their CPR number would be added to the URL.

Curated from ZDNet

Leave a Response