Okay, this is bad. So bad that if it had been published before I wrote my “worst breaches of 2011” post, it would have probably made the list.
The Office of the New York City Public advocate was hacked and the entire database appears to have been dumped, including thousands of pages of highly personal details of those who sought the public advocate’s assistance via a form on their web site: names, addresses, telephone numbers, e-mail addresses, medical conditions, financial woes, and reports of abuse and domestic violence as well as the expected complaints about landlords, construction, noise, and rats and mice — lots and lots of rats and mice. The requests for assistance appear to go back to April 2010, raising the question as to why such old material was still on the server instead of being archived or moved offline.
Politically, exposure of reports of alleged police misconduct and city government incompetence should be embarrassing to the agency. That is, if the mainstream media ever find out about the breach and journalists decide to work their way through the entries.