The competence of the London Marathon organisers has been questioned after an embarrassing security bungle left the personal details of all 38,000 runners in last Sunday’s race exposed to public view on the organisation’s website.
According to the BBC, the hole was only discovered after a member of the public noticed that her name and home address – and those of all other participants – were visible on a part of the race website from which runners could order commemorative medals.
The hole was reported to a BBC television reporter on Monday evening who brought the matter to the attention of the race organisers.
"We immediately made sure that the glitch was corrected,” London Marathon chief executive Nick Bitel told the BBC
"We do not believe that this has led to a substantial number of individuals' details being accessed by members of the public," he said.
From the description given by the BBC, the issue appears to have been a basic one of publishing personal data by mistake or not applying security rather than an issue with the site software itself.
The personal information will have included those of celebrity runners such as chef Gordon Ramsay and politicians including Shadow Chancellor Ed Balls, raising concerns about the processes that allowed such an obvious security mistake to have been made.
The Information Commissioner had been informed, said the BBC.
The London Marathon organisers have apologised for the error but not everyone is in a forgiving mood.
“The majority of people who take part in the London Marathon do so with the fantastic purpose of raising money for charity - the last thing they deserve is to find their personal information exposed by sloppy security by the organisers,” said Sophos security expert, Graham Cluley.