Royal Dutch Shell Plc  .com Rotating Header Image

Another Shell Data Protection Breach: Shell warns Shell LiveWIRE forum users of exposure to potential fraud

By John Donovan

Nine years ago Royal Dutch Shell Plc confirmed that a list of leaked contact details of 176,000 of its employees and contractors supplied to me by a human rights and environmental activist group was authentic.

Shell claimed that the list did not pose a security risk because it did not include home addresses, but at the same time, undermined that claim by asking me not to publish it on employee safety grounds, particularly in respect of Shell employees in Nigeria.

The e-mail included a 170-page covering note claiming to be from “116 concerned employees of Shell” and accusing the company of harmful practices in Nigeria.

Today, Shell has disclosed another breach of the General Data Protection Act.

The warning notice below was circulated today to all  Shell LiveWIRE forum users warning of potential exposure to fraud:

Dear Shell LiveWIRE forum user,

As someone who has registered their details on the Shell LiveWIRE UK online forum, we want you to know that we have discovered unauthorised access to user registration data for the platform. Shell LiveWIRE UK, run on behalf of Shell International Limited, is one of Shell’s social investment enterprise development programmes.

As soon as we became aware of the incident, we took the entire UK LiveWIRE website, including the online forum, offline. We immediately notified the relevant data protection authority of the issue and explain below what we recommend you should do now.

What data has been compromised?

The user registration data for the UK LiveWIRE online forum was compromised. This includes user names and passwords and (if provided) email address, date of birth and a link to your social media page.

Sensitive personal information, financial data and Shell LiveWIRE application data are not affected. The forum is independent from Shell’s IT network and no other data held by Shell is affected by the incident.

Investigations into the root cause are still underway.

What you should do now

If you use the same password for other online accounts, we recommend that you immediately change these to protect you from possible fraud. For more information on staying safe online please visit www.getsafeonline.org.

We are sorry for any inconvenience this may cause you and have set up a dedicated team to help you if you have any questions or concerns. Please email us at [email protected].

Yours sincerely,
Shell LiveWIRE UK
Shell International Limited registration number 03075807
Shell Centre, York Road, London, SE1 7NA, United Kingdom

ENDS

Some information in the first three paragraphs of this article was extracted from an article published by Bloomberg on February 11, 2010, under the headline: “Shell Staff List E-Mailed to Rights Campaign Activists, FT Says.”

royaldutchshellplc.com and its sister websites royaldutchshellgroup.com, shellenergy.website, shellnazihistory.com, royaldutchshell.website, johndonovan.website, shellnews.net and shell2004.com are all owned by John Donovan. There is also a Wikipedia article.

0 Comments on “Another Shell Data Protection Breach: Shell warns Shell LiveWIRE forum users of exposure to potential fraud”

Leave a Comment

%d bloggers like this: