{"id":69854,"date":"2013-02-06T14:03:32","date_gmt":"2013-02-06T12:03:32","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=69854"},"modified":"2013-02-06T14:05:16","modified_gmt":"2013-02-06T12:05:16","slug":"sita-website-showing-client-data","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/69854-sita-website-showing-client-data.html","title":{"rendered":"SITA website showing client data"},"content":{"rendered":"<p>A web application running on the <a title=\"State Information Technology Agency\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/313647-State-Information-Technology-Agency-(SITA)\">State Information Technology Agency<\/a>\u2019s domain is exposing client data to anyone with a link to it.<\/p>\n<p>The page in question is indexed in <a title=\"Google\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/314567-Google\">Google<\/a>, so a search for the correct keywords causes the search engine to return a link to it.<\/p>\n<p>As shown in the screenshot below, the page displays the SITA logo along with the words \u201cSITA Service Management\u201d and \u201cdeveloped by SMC\u201d and appears to be a log of faults and their resolutions.<\/p>\n<p>SITA <a href=\"http:\/\/www.sita.co.za\/supp_solutions\/cust_commandcent.htm\" target=\"_blank\">explains on its website<\/a> that its Service Management Centre (SMC) is the single point of entry for specific services to clients.<\/p>\n<p>\u201cThese include countrywide IT services to Government clients and voice business services on behalf of Government to the South African citizens,\u201d the site states.<\/p>\n<div id=\"attachment_69862\" style=\"width: 610px\" class=\"wp-caption aligncenter\"><a  data-lightbox=\"post-image\" href=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/02\/SITA-SMC-reports-exposed-data.jpg\" target=\"_blank&quot;\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-69862\" class=\"size-full wp-image-69862 \" title=\"SITA SMC reports exposed data - scaled\" src=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/02\/SITA-SMC-reports-exposed-data-scaled.jpg\" alt=\"SITA SMC reports exposed data\" width=\"600\" height=\"303\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/02\/SITA-SMC-reports-exposed-data-scaled.jpg 600w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/02\/SITA-SMC-reports-exposed-data-scaled-100x50.jpg 100w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/02\/SITA-SMC-reports-exposed-data-scaled-185x93.jpg 185w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/02\/SITA-SMC-reports-exposed-data-scaled-250x126.jpg 250w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><p id=\"caption-attachment-69862\" class=\"wp-caption-text\">SITA SMC reports exposed data (click for full size screenshot)<\/p><\/div>\n<p>While the SMC web application only appears to be revealing data from December 2010, among the details shown are the customer\u2019s name and contact number, as well as the organisation from which they are reporting the fault.<\/p>\n<p>A summary of the fault and an indication of whether SITA met its service level agreement (SLA) is also shown.<\/p>\n<p>An interesting statistic to come from this is that of the 2,196 faults exposed by the site, 1362 (almost 63%) were resolved within the SLA deadline during December 2010.<\/p>\n<p>SITA was contacted for comment, but did not respond by the time of publication.<\/p>\n<h3 id=\"related\">More SITA news<\/h3>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/security\/67768-try-hacking-this.html\"><strong>Try hacking this<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/security\/66654-websites-defaced-not-hacked-sita.html\"><strong>Websites defaced, not hacked: Sita<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/security\/66474-south-african-websites-hacked.html\"><strong>South African websites hacked<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/general\/65240-sa-police-to-get-network-upgrade.html\"><strong>SA Police to get network upgrade<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/business\/33934-sita-promises-greater-efficiency.html\"><strong>Sita promises greater efficiency<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A website on the State Information Technology Agency\u2019s domain is making customer data publicly available<\/p>\n","protected":false},"author":15,"featured_media":69902,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[35,18070,18068],"class_list":["post-69854","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-headline","tag-sita-service-management-centre-smc","tag-state-information-technology-agency-sita"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/69854"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=69854"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/69854\/revisions"}],"predecessor-version":[{"id":69906,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/69854\/revisions\/69906"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/69902"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=69854"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=69854"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=69854"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}