Incident: 3D House Tour Software Exposes Personal Data Due to Oversight

Published Date: 2021-04-13

Postmortem Analysis
Timeline 1. The software failure incident of the 3D tour exposing personal data in a house for sale in Devon happened in October 2020 as the article mentions that the house was available on the property platform Rightmove since October 2020 [113519].
System 1. 3D tour software system used by Fowlers Properties [113519]
Responsible Organization 1. Fowlers estate agent 2. Rightmove platform 3. The home owner 4. Carole Theriault, who discovered the issue 5. Information Commissioner's Office 6. Carissa Veliz, author of Privacy is Power [113519]
Impacted Organization 1. Homeowners of the house for sale in Devon [113519] 2. Potential buyers viewing the 3D tour on the property platform Rightmove [113519]
Software Causes 1. Lack of proper data sanitization and redaction features in the 3D tour software, leading to personal information being visible [113519].
Non-software Causes 1. Lack of proper data privacy protocols and procedures in place at the estate agent's company and by the homeowner [113519] 2. Failure to adequately review and censor personal information before publishing the 3D tour online [113519] 3. Insufficient training or awareness among staff regarding data privacy and security measures [113519] 4. Oversight in obtaining explicit consent or ensuring proper authorization from the homeowner before sharing sensitive information publicly [113519]
Impacts 1. Personal information, including financial paperwork, family photos, pet names, political views, and health details, was exposed to potential identity thieves and phishers due to the failure of the 3D tour software [113519].
Preventions 1. Proper data sanitization and privacy checks should have been implemented before publishing the 3D tour to ensure personal information was not visible [113519]. 2. Implementing a thorough review process by both the estate agent's staff and the homeowner to identify and blur out any sensitive information before making the tour live [113519]. 3. Providing clear guidelines and recommendations to homeowners on securing their personal information before allowing 3D tours to be conducted on their properties [113519]. 4. Conducting regular training sessions for staff on data privacy and security measures to prevent such incidents from occurring in the future [113519].
Fixes 1. Implement stricter data privacy protocols and guidelines for creating and publishing 3D tours to ensure sensitive information is not inadvertently exposed [113519]. 2. Conduct thorough reviews of all virtual tours before publishing to identify and blur out any personal or sensitive information that may be visible [113519]. 3. Provide training to staff and homeowners on the importance of safeguarding personal data and ensuring that sensitive materials are not left visible during virtual tours [113519].
References 1. Fowlers Properties 2. Rightmove 3. Information Commissioner's Office 4. Carole Theriault, co-host of the Smashing Security podcast 5. Carissa Veliz, author of Privacy is Power [113519]

Software Taxonomy of Faults

Category Option Rationale
Recurring unknown (a) The software failure incident having happened again at one_organization: The article does not mention any previous similar incidents happening again within the same organization or with its products and services. Therefore, it is unknown if a similar incident has occurred before at Fowlers Properties [113519]. (b) The software failure incident having happened again at multiple_organization: The article does not provide information about similar incidents happening again at other organizations or with their products and services. Hence, it is unknown if this type of incident has occurred at multiple organizations [113519].
Phase (Design/Operation) design, operation (a) The software failure incident in the article can be attributed to the design phase. The 3D tour of the house for sale in Devon was published with a substantial amount of personal information visible, including financial paperwork, family photos, names of pets, clues about political views, and health-related items. This sensitive information was not properly secured or blurred in the virtual tour, indicating a failure in the design aspect of the system development process [113519]. (b) Additionally, the software failure incident can also be linked to the operation phase. The incident occurred due to the operation of the system, specifically the decision to publish the 3D tour without adequately reviewing and securing the personal data. The failure was a result of the operation and use of the system in a way that exposed sensitive information to the public, highlighting a failure in operational procedures and diligence [113519].
Boundary (Internal/External) within_system (a) The software failure incident in this case falls under the within_system boundary. The failure occurred due to the personal information, including financial paperwork, family photos, and other identifiable data, being visible in a 3D tour of a house for sale in Devon. This sensitive information was not properly handled during the creation and publication of the virtual tour, leading to a breach of privacy [113519].
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident in this case was primarily due to non-human actions. The failure occurred as a result of personal information being inadvertently exposed in a 3D tour of a house for sale in Devon. The financial paperwork, family photos, and other identifiable data were visible in the virtual tour, indicating that the software system responsible for creating and publishing the tour did not adequately protect sensitive information. This exposure of personal data was a result of a flaw or fault in the software system that allowed such information to be displayed without proper safeguards in place [113519]. (b) Human actions also played a role in this software failure incident. The estate agent and the home owner were responsible for overseeing the creation and publication of the 3D tour. It was mentioned that the private data in the virtual tour had "slipped past" the staff and the home owner, indicating a lack of proper oversight and diligence in ensuring that sensitive information was not included in the tour. Additionally, the owner of the home had given verbal permission for the video to be used, suggesting a potential oversight or lack of awareness regarding the potential risks of exposing personal data in the tour [113519].
Dimension (Hardware/Software) software (a) The software failure incident in the article was not directly related to hardware issues but rather to a failure in ensuring the privacy and security of personal data during the creation of a 3D virtual tour of a house for sale. The incident involved the exposure of sensitive personal information such as financial paperwork, family photos, pet names, political views, and health-related items due to inadequate measures taken by the estate agent and the homeowner [113519]. (b) The software failure incident in the article was primarily related to software issues, specifically in the process of creating and publishing the 3D virtual tour of the house. The failure stemmed from a lack of proper data protection measures, oversight, and diligence in handling personal information within the software used for the virtual tour. This led to the inadvertent exposure of sensitive data to potential identity thieves and other malicious actors [113519].
Objective (Malicious/Non-malicious) non-malicious (a) The software failure incident in this case can be categorized as non-malicious. The incident occurred when an estate agent's 3D tour of a house for sale in Devon was published with a substantial amount of personal information visible, including financial paperwork, family photos, names of pets, clues about political views, and health-related items. This exposure of sensitive data was not intentional but rather a result of oversight by the estate agent and the homeowner. The incident was described as personal data "slipping past" the staff and the homeowner, indicating a lack of malicious intent [113519].
Intent (Poor/Accidental Decisions) poor_decisions (a) The intent of the software failure incident was poor_decisions. The failure occurred due to poor decisions made by the estate agent and staff at Fowlers Properties. They allowed a substantial amount of personal information, including financial paperwork, family photos, pet names, political views, and health clues, to be visible in a 3D tour of a house for sale in Devon [113519]. The failure was a result of inadequate diligence and oversight in handling sensitive data during the creation and publication of the virtual tour.
Capability (Incompetence/Accidental) development_incompetence, accidental (a) The software failure incident in the article can be attributed to development incompetence. The 3D tour of a house for sale in Devon published by Fowlers estate agent contained a substantial amount of personal information visible, including financial paperwork, family photos, names of pets, clues about political views, and health-related items. This sensitive data was not properly secured or blurred out, indicating a lack of professional competence in handling and protecting personal information [113519]. (b) The software failure incident can also be considered accidental as the estate agent mentioned that the private data in the virtual tour had "slipped past" its staff and the home owner. This suggests that the exposure of personal information was unintentional and not a deliberate act [113519].
Duration temporary The software failure incident described in the article is temporary. The incident occurred due to contributing factors introduced by certain circumstances, specifically the oversight of personal information during the creation of the 3D tour of the house for sale in Devon by Fowlers estate agent. The personal data exposure was a result of the failure to properly review and blur sensitive information before publishing the virtual tour. The estate agent acknowledged the mistake and took immediate action by withdrawing all 3D tours for further review, indicating that the failure was not permanent but rather a temporary issue that can be rectified with proper diligence and review processes [113519].
Behaviour omission, other (a) crash: The software failure incident in the article did not involve a crash where the system lost state and stopped performing its intended functions [113519]. (b) omission: The software failure incident in the article involved an omission where the system omitted to protect personal data, allowing sensitive information to be visible in the 3D tour of a house for sale [113519]. (c) timing: The software failure incident in the article did not involve a timing issue where the system performed its intended functions too late or too early [113519]. (d) value: The software failure incident in the article did not involve a value issue where the system performed its intended functions incorrectly [113519]. (e) byzantine: The software failure incident in the article did not involve a byzantine behavior where the system behaved erroneously with inconsistent responses and interactions [113519]. (f) other: The software failure incident in the article involved a privacy breach where personal information was exposed due to the failure of the system to properly blur sensitive data in the 3D tour of the house for sale [113519].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, theoretical_consequence (d) property: People's material goods, money, or data was impacted due to the software failure The software failure incident in the article led to a substantial amount of personal information being exposed in a 3D tour of a house for sale in Devon. The financial paperwork in the study, including a shares dividend cheque, an insurance policy document, and an invoice for a stairlift, could be read by zooming in on the image. Additionally, other identifiable data about the homeowners, such as the names of their pets, clues about their political views, and health-related items like an asthma inhaler, were visible in the virtual tour. This exposure of personal information could potentially lead to identity theft, phishing, and other malicious activities [113519].
Domain unknown (a) The failed system in the reported incident was related to the industry of real estate, specifically estate agency services. The software failure incident involved a 3D tour of a house for sale in Devon, which exposed a substantial amount of personal information, including financial paperwork, family photos, and other identifiable data about the homeowners [Article 113519].

Sources

Back to List