The issue could only have been exploited by a logged-in user performing a specific set of actions.
At this stage, we have no confirmed reports of any data having been accessed or changed without permission, and we believe the issue could not have been used to extract data in large volumes.
The "specific set of actions" is so vague that could range from just opening a specific company page and clicking on a button to performing a complex chain of steps.
This said, it's not that bad, that's true. But the idea of having the personal residential address exposed is not great either.
That vagueness is clearly designed to disguise the truth, being "going to his own company's dashboard and trying to view another which he didn't own and pressing the back key four times" https://www.bbc.co.uk/news/articles/c5y41p0dy1wo
As for the the personal residential address exposure, it is a huge breach. This website keeps certain Directors' private info private for very good reason. I look forward to the regulators, ICO, imposing an appropriately huge fine.
And just love the "if we find evidence that anyone has accessed or changed another company’s details without authorisation, we will take firm action." Firm action internally, right? Right?
If I remember right, date of birth and address used to be right there on the company page. Led to credit being taken out in my name, which luckily got picked up.
I'm a tech lead with interdisciplinary experience across research, industry, and entrepreneurship. I’ve worked at CERN, collaborated with major industry players, and joined startups and scaleups. I also co-founded a startup and participated in Entrepreneurs First.
Now looking for my next challenge, feel free to reach out!
What I did in a few projects to plot aggregated (resampled) data without loosing peaks was to plot it over an area chart representing the min-max values before aggregating (resampling). It worked pretty well.
That's interesting. How would you explain that for someone works then? At least on me, the loader does not trigger vigilance and temporal monitoring (I think). Instead, it "allows" my brain to focus on something else, which gets boring very soon, but that at the same is engaging enough to keep doing it. This kind of interactive yet very slow dynamic helps me stop trains of thoughts and relax.
It does not replace healthy bedtime routines of course, and it never meant to be a serious sleeping aid, but more of an experiment - and partially a joke. Maybe the premise should have been to help stop a spinning mind rather than to fall asleep...
The skeleton provided by ChatGPT to get the page to load fullscreen as a PWA included it, so I just kept it. “Maybe in future”... But it’s unnecessary, I should have removed it.
Oh yes, absolutely. It bothers me as well, and it strains the eyes, but you know... for such a toy project I half vibe-coded in an hour or so I didn’t bother too much. I agree it should be improved!
It could definitely be a fun exercise. Also maybe just rendering all the text in the same color as the background and then changing the colors of the characters one by one could be an interesting option (just thought about it), but I think yours would render better.
As a side note, I have to say that posting something as simple as this, where you can’t really get too attached to the project and can read feedback in a truly neutral way - instead of just pretending - is so refreshing...
I came up with this one night when I couldn’t fall asleep and was looking (waiting) for some data analysis results on a web platform, noticing that the spinner was actually making me sleepy.
I guess that when the brain is engaged in an activity, and that activity becomes boring, it creates good conditions for falling asleep.
1. See certain data not normally published on the public register:
- the day of the date of birth for directors and PSCs
- residential address for directors and PSCs
- company registered email address
2. File updates to any information without consent. For example, new accounts or changes of director."
reply