Your Bucks
Get involved: send your photos, videos, news & views by texting bfp news to 80360 or email »
Bank details safe after computer thefts
1:04pm Thursday 8th May 2008
Comments (20)THE ORGANISERS of an international music festival say customers' details are safe after their website servers were stolen from a High Wycombe software company.
Burglars broke into the offices of Opal communications company in Cressex Business Park at around 10.30pm on Sunday. They used a stepladder to gain access to a first floor window.
When inside they stole computer accessories, software and hard drives including those used to power the website of the World of Music, Arts and Dance (WOMAD) music festival.
The festival is organised by Real World , a company owned by musician Peter Gabriel, and is scheduled to be held at a site near Malmesbury, Wiltshire in July. There are other WOMAD events in countries across the world.
Andy Wood, spokesman for Real World, said: "There were a number of items that were stolen.
"We had servers stolen, the result being that we had to set up in a completely different location."
The theft of the servers has caused the WOMAD website to crash.
Mr Wood said that all of the confidential information of customers who bought tickets to the festival are stored in a secure location, so no bank details have been lost.
Your Say YourBucks Free Press
Ivor, says...
2:12pm Thu 8 May 08
Did they not have security doors, alarms and have their computers bolted down to prevent theft?
davejones, Beaconsfield says...
3:11pm Thu 8 May 08
Mario wrote:Anyone familiar with computers would know that a webserver is unlikly to hold the database as well.
I'm sorry, but this story is complete hogwash. Anyone familiar with computers and the like would know that if servers are stolen then information can be gleaned. The other "secure location" is purely there for disaster recovery purposes, and has a faithful copy of all the data on the original servers. So, either WOMAD's servers have been stolen or not. I see from the story they have been stolen. Therefore confidential customer information is now available to the perpetrators. Stop lying you treacherous oafs!
I think it's your IT knowledge that's hogwash.
Blaze Falconburger, HW says...
3:34pm Thu 8 May 08
In any case, storing personal/card details really should be stored on encrypted disks only. The servers should be physically secured down in a security cage if they are important!
Blaze Falconburger, HW says...
3:34pm Thu 8 May 08
In any case, storing personal/card details really should be stored on encrypted disks only. The servers should be physically secured down in a security cage if they are important!
Blaze Falconburger, HW says...
3:35pm Thu 8 May 08
In any case, storing personal/card details really should be stored on encrypted disks only. The servers should be physically secured down in a security cage if they are important!
h/w vioce, High Wycombe says...
4:44pm Thu 8 May 08
Mario, Bucks says...
7:36pm Thu 8 May 08
Why has the firm gone to the papers with this theft (potentially damaging for the business), unless some serious sh*t has been stolen?
davejones, Beaconsfield says...
8:16pm Thu 8 May 08
Blaze - It's highly likely the disks were encrypted and you would normally try and apply the security measure to the whole server room rather then individual servers with "security cages". The reason the cabs are normally bolted to the floor is more H&S then physical security.
Maybe the firm has gone to the papers to assure any customers their details are safe, if they were trying to cover it up surely they would keep quiet?
Wycombe Resident, High Wycombe says...
11:23pm Thu 8 May 08
Demonstration enough of how a little knowledge goes a long way to make empty vessels make a load of noise.
You're not one of these "computer consultants" fleecing the Wycombe public by trying to blind them with your warped view of computer science are you?
Blaze Falconburger, HW says...
9:28am Fri 9 May 08
Security cages for the servers are just another step of physical security that the thieves have to go to in order to steal the server or the disks. Nothing to do with H&S, more often requested by auditors. It depends how secure you want your data - individual cages for each server will take up much more room than a rack, but like anything security related, it is a trade off depending on the level of security you require.
Blaze Falconburger, HW says...
9:28am Fri 9 May 08
Security cages for the servers are just another step of physical security that the thieves have to go to in order to steal the server or the disks. Nothing to do with H&S, more often requested by auditors. It depends how secure you want your data - individual cages for each server will take up much more room than a rack, but like anything security related, it is a trade off depending on the level of security you require.
Blaze Falconburger, HW says...
9:28am Fri 9 May 08
Security cages for the servers are just another step of physical security that the thieves have to go to in order to steal the server or the disks. Nothing to do with H&S, more often requested by auditors. It depends how secure you want your data - individual cages for each server will take up much more room than a rack, but like anything security related, it is a trade off depending on the level of security you require.
Mario, Bucks says...
11:08am Fri 9 May 08
For the piddling amount of data held for this firm no way would the data and web servers be at two locations, it's a tuppence halfpenny managed service contract!
We are not talking about BP or GSK corporate data here, but some WOMAD ticket data for pities sake!
davejones, Beaconsfield says...
11:24am Fri 9 May 08
Most datacenters I've been in would seek to prevent access to intruders full stop and wouldn't accept the compromise of the additional space required for a small extra security measure. Generally the hardware value is of little or no concern so encrypting the data and preventing access is seen as adequate.
The H&S comment is valid because all cabs tend to be secured so they cant tip when you extend the racks, either to each other or to the floor. This has nothing to do with security.
Mario - Do you have any extra information on the site that is not stated in the article or are you merely hypothesising? It is standard practice to hold the website and the database on separate servers and there is no reason to have these in the same physical location. It states in the article that this is how it was done, yet you apparently don't believe this. Unless you have an inside source I believe you are just trying to stir some controversy where there is none.
Alexander, Wycombe says...
10:43pm Fri 9 May 08
Many of these service providers only have one location!
Mario, Bucks says...
11:00am Sat 10 May 08
Wycombe Resident, just read your garble. I'd lay of the whisky that late at night, your probably over the limit when you get behind the wheel in the morning.
Steve, Totteridge Hill says...
9:09am Sun 11 May 08
davejones, Beaconsfield says...
5:51pm Sun 11 May 08
so what's you're point?
Alexander - this may be standard practice for very small webhosts aimed at residential customers, however it is not common for larger companies offer SMB services such as the above.
Wycombe Resident, High Wycombe says...
6:18pm Sun 11 May 08
If you knew anything about the semantics involved you'd realise that it actually makes a lot more sense to have the database separate - it easier and less expensive to do it that way. So whilst I agree with your evaluation of the realities of what goes on in small datacentres not matching up to what *should* go on - it's much more likely that the database is separate - it's a lot simpler and cost effective to do it that way.
You may still be broadly right about the security aspects as the database server may be no more physically secure than the web server and it was just luck that it didn't get nicked.
But it would actually take more work to start with and on an ongoing basis to have everything on the same physical server - so it's very unlikely and, therefore, the story is as believable as a press release can be I'm afraid.
In this section
- Second athletics club backs Handy Cross track move
- Police: cliff falls "quite unprecedented”
- "Diversity" DVD for schools
- Eden "more empty than High Street"
- Parking supremo: Marlow bays "entirely legitimate"
- Re-routed traffic warning over town centre plans
- Uni team to take on Three Peaks
- Two in court charged with murder of Jourdan Griffiths
- Hole ripped in fuel lorry on M40
- Students vote Bucks New Uni vote among best in county
Sponsored Links
Local Links
Local Information
Enter your postcode, town or place name
Mario, Bucks says...
1:28pm Thu 8 May 08
Anyone familiar with computers and the like would know that if servers are stolen then information can be gleaned.
The other "secure location" is purely there for disaster recovery purposes, and has a faithful copy of all the data on the original servers.
So, either WOMAD's servers have been stolen or not. I see from the story they have been stolen.
Therefore confidential customer information is now available to the perpetrators.
Stop lying you treacherous oafs!