The home addresses and personal email details of some 38,000 participants in Sunday’s London Marathon were exposed for anyone to access on the race’s official website, according to a BBC News report.
According to reports, the private information was free for anyone to access in the section of the website which allowed runners to order commemorative medals.
Celebrities who took part in the race – and whose personal details were presumably available for anyone to access – include celebrity chef Gordon Ramsay, Shadow chancellor Ed Balls, pop singer Will Young, newsreader Sophie Raworth, and stars of TV shows such as Coronation Street and The Only Way is Essex.
A member of the public stumbled across the problem, who then contacted the BBC. The BBC appears to have acted responsibly, informing the London Marathon organiser’s about the problem on Monday evening.
Nick Bitel, chief executive of the London Marathon, apologised for the security lapse, and said that action was taken immediately to correct the problem.
“We do not believe that this has led to a substantial number of individuals’ details being accessed by members of the public,” Bitel told the BBC.
Nevertheless, questions will be asked as to how the goof could have been allowed to happen.
High profile incidents like this reinforce the need for all website developers to build sites with security in mind. The data you collect about individuals must be secured appropriately – otherwise it could be your organisation making the headlines next time.
The majority of people who take part in the London Marathon do so with the fantastic purpose of raising money for charity – the last thing they deserve is to find their personal information exposed by sloppy security by the organisers.