0

Forty three British MPs have backed a House of Commons motion calling for the Duchy of Cornwall estate, owned by Prince Charles, to make its accounts more transparent and the finances of the Prince of Wales clearer. Which is just what might happen following the disclosure that a laptop belonging to the company that handle the Duchy payroll has been stolen.

A company spokesperson has told us journalist types that this could "pose a security threat if a technical expert was able to breach its password protection."

Well duh.

More to the point, a company that lets such incredibly sensitive data out and about, stored on a laptop, which was then left in a car from where it was stolen, does not exactly inspire a sense of security from the get go. A feeling compounded by the fact that this is the same company that had another payroll heavy laptop, with details of the staff of the Eden Project tourist attraction, all 500 of them, stolen just a couple of weeks ago.

The idea that all will be required to access the data on the Duchy of Cornwall accounts laptops, which includes details of the private bank account and national insurance number of Prince Charles, is for the password to be cracked almost beggars belief. To whoever has the computer, given the security track record so far, may I suggest you try ‘password’ as your first attempt.

Has Moorepay, the company concerned, not heard of encryption for example? Or keeping this kind of sensitive financial data on a central server, accessed in the field by way of a secure VPN so that the data does not actually reside on the laptop itself?

Perhaps they will have heard of the phrase ‘to the tower’ and ‘off with their heads’ which could come ringing loud and clear if Prince Charles discovers his bank details have been used to purchase some large electrical goods, make numerous telephone calls to Nigeria and open a number of new credit card accounts.

Still, seeing as Bonny Prince Charlie earned a reported £15 million from the Duchy of Cornwall estate last year alone, chances are he won’t miss the odd few pounds.

As of yet, no comment has been forthcoming from the future King of England...

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

3
Contributors
3
Replies
4
Views
10 Years
Discussion Span
Last Post by happygeek
0

My condolences to Prince Charles, and shame on Moorepay for putting the Prince in such a risky situation.

However, 193 countries in the world and "Nigeria"was the first that came to mind in connection with fraud? Uncool.

0

Thinka

However, 193 countries in the world and "Nigeria “was the first that came to mind in connection with fraud? Uncool.

That’s the problem did you though about Russia or Latvia or Bulgaria? They are number one when comes to fraud too. So don’t assume just because some Nigerians use the internet for fraud makes them number one. Just think these for moment 146 million people are Nigerian can you imagine if were all fraudster??

0

Unfortunately Nigeria does immediately spring to mind when it comes to ID fraud and phishing scams, courtesy of the whole 419 history. No, it is not the only country involved in such things, but it does have the highest profile and for good reason...

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.