D.C.: Metro website security breach made personal data accessible to public
Kris Van Cleave reports a breach involving the Washington Metropolitan Area Transit Authority web site:
Metro officials say that they’re working diligently to fix a security breach on their website that potentially allowed a person to access the personal information of anyone who has applied for a job with WMATA.
That data could be accessed by anyone who had the email address of a Metro applicant and was willing to do a little bit of clicking through WMATA.com’s Careers section.
The issue, which was brought to light by a caller to the ABC 7 newsroom, allowed people to quickly access the full profiles of job applicants, including resumes, addresses, phone numbers, references and several other pieces of data.
Read more on WJLA. WMATA claims a maximum of 13 people might be affected.