The UK Information Commissioner’s Office (ICO) said it is looking into a possible data breach of the Website used by organizers of the London Marathon – major, international sporting event that attracted more than 37,000 runners for the 37th running on April 22nd.

According to a BBC report, the home addresses and e-mail addresses of individuals who ran the race were accessible from the organizers’ Web site on Monday, April 23rd, the day after the race.  The field of the prestigious race included a number of celebrities and government officials, including celebrity chef Gordon Ramsay and model Nell McAndrew in addition a field of elite runners and tens of thousands of amateur running enthusiasts.

Nick Bitel, the chief executive of the Marathon, is quoted by the BBC apologising for the error and saying that the issue had been fixed and that race organizers don’t believe that “a substantial number of individuals details” were accessed by the public.

The ICO said it is investigating the incident.

“At this stage, we’ve been made aware of the incident and we’re looking into it,” an ICO spokesman told Threatpost. “We’ll be looking to see if any action is required.” The spokesman declined to say how the agency had learned of the breach.

The ICO is a government agency that regulates the UK’s Data Protection Act of 1998.

There was no immediate response to e-mail and phone requests sent to race organizers. Threatpost will update its story as comment becomes available.


Categories: Vulnerabilities, Web Security