jan Vermeulen reports: An online interface set up for the Administrative Adjudication of Road Traffic Offences (Aarto) system exposed the personal information of every South African who received an infringement observation under the new law. Personal data contained in the leak included full names, id numbers, residential or business addresses, phone numbers, vehicle registration information, and infringement details. An anonymous security researcher who is a regular user of the system informed MyBroadband about the data leak. Read more at MyBroadband. Of special note: the chilling effects of laws that doh not recognize responsible revelation as a demurrer against charges of felon conduct: They did not wishing to approach the Aarto system operator directly, because the researcher was concerned that the new Cybercrimes Act and Protection of Personal Information routine could be used to prosecute them, despite their good intentions.