Whistleblower under investigation after making public interest disclosure
A Hungarian patent lawyer made a public interest disclosure to draw attention to a security vulnerability on the National Intellectual Property Bureau (SZTNH) website. Rather than searching for a solution or investigating the bureau’s responsibility, the Bureau instead filed a police report against him. The patent lawyer, György Pintz reported that the SZTNH website was prone to URL injection attacks that made it possible for anyone to see confidential, pending patent request forms in the system simply by altering the numbers at the end of the links.
Pintz is now under investigation for phishing. SZTNH reported a hacking attack in October 2013, but Pintz made his disclosure earlier, in September 2013. According to SZTNH, the security vulnerability was fixed within 48 hours of filing the public interest disclosure.
The original article was posted in Hungarian on 21 March 2014.
Editing by Orsolya Gulyás.