900,000 Danish ID numbers leaked online
The leak took place through the Danish "Robinson List" which lists people who are immune from direct marketing, officials said Thursday. The exposure took place back on Wednesday while the personal details were available for almost an hour.
The Social Security numbers were being sent from CSC, a Danish IT company that works with the Danish government, to the State Social Security Office.
It is common practice for Denmark’s financial institutions, hospitals and other government agencies to request the number as a proof of identity, meaning the exposure left several people wide open to abuse.
The list was downloaded 18 times in the time in was made available to the public.
"We come from an analog world in which the Social Security number was super convenient. But it does not fit into a digital world that has a number that is so easy to crack," said Council President for Digital Security, Birgitte Kofod Olsen, reported Danish business daily, Borsen.
"When you have a birthday and age, it is easy to guess the rest." ■