Daily Mail readers wince as Mail Online slices and dices their data

If you’re from the US, you might not realize that the world’s most popular online newspaper is The Daily Mail – or, more properly for the online version of the tabloid, Mail Online.

In which case, you poor, ignorant reader, O MY GOD GO THERE NOW because Leonardo DiCaprio was caught leering at his black-bikini-clad new girlfriend through a pair of binoculars.

The Victoria’s Secret Angel model obviously “doesn’t have an inch to pinch” on that 6-foot frame!!!!!!


The pub, known, as The Register’s Kelly Fiveash put it, for “displaying loads of pictures of tits and ass online normally alongside an equal amount of outrage about tits and ass online”, has admitted to an “URGENT problem” with its users’ profiles.

Tuesday morning, readers started grousing about the security issue, which appears to involve data implants being forcibly grafted onto users.

To wit, a complaint from “pink 64”:

"Last night I tried to log into my 'Mail Online' profile, which is different to my Femail one. Instead of 'me' I got someone else's details, including his full name, date of birth and email address! There is a thread about this on the computer board, but I don't know if our 'everyday users' realised this happened. It is possible that your 'Mail Online' profile has been compromised and that someone else has had access to your details, including your full name, email address, date of birth and even the town where you live!"

Yes, Mail Online forcibly transgendered, transnamed, transaddressed and transbirthdayed at least some users.

Senior Communities Editor Tessa Meneux jumped on the forum around the middle of a nice lunch break to breathlessly inform readers that she’d been pecking away at notification emails about a glitch with the user profile display:

"I've been frantically emailing readers this morning.

"Last night we had a technical issue with our user profile and login service that resulted in a bug with the display of user profiles. When viewing your profile page users were presented with a copy of another users profile page instead of their own. The issue is now resolved."

Mail Online takes readers’ privacy “very seriously,” she said, and has undertaken “rigorous tests” to ensure that user data is secure. But no worries, nobody’s seen any password or “other encrypted data,” she said, nor could they post comments on your behalf or change anybody’s profile.

She gave no details about what type of encryption was used on the data, so those who’ve registered with the site can judge for themselves how rigorous they think the pub is about keeping things buttoned up.

In spite of Meneux’s reassurances, readers got down to the most salient point to be established in any data breach, be it major or minor.

Namely, “How do I make money off of this?”

"That was a serious breach of security ....wish i had known i would never have joined this forum ....was there any compensation offered for the security breach? If not why not???"

Why not indeed, “00lisa00”, who is explicitly not me???

One commenter, gemmalouxoxo, alleged that this isn’t the first time the site botched security and user privacy:

"When the boards changed some posters (me included) got moderation powers, which meant when someone abuse reported *we* got sent the emails to act on them including the email address of the person who complained. Plus we could view users IP addresses."

This is, obviously, the kind of journalism that’s easy to loathe, given that much of it is dedicated to what my British editor Anna Brading refers to as a “side bar of shame” that features mostly women in bikinis either Celebrating Their Curves (translation: looking a bit fat) or Looking Great (they probably haven’t eaten for a month).

But seriously, users shouldn’t be punished for enjoying reading about, say, Cameron Diaz’s odd facial expressions on a windy day.

For the sake of its hundreds of millions of users, let’s just hope that Mail Online does encryption better than anybody in their right mind would assume after looking at its front page.

And let’s hope it’s willing to come clean about the extent of the data breach caused by the mixed-up profiles, and can convince those hundreds of millions of users that it knows what went wrong now so this sort of thing won’t happen for a third time.