Paul Van den Buick writes: The European legal framework on the protection of personal data (Directive 95/46/Ec) is acknowledged as one of the strictest in the world. This tendency seems to be confirmed by the new draft regulation on the protection of personal data revealed by the European Commission in January 2012, which, once adopted,…
Month: June 2012
No evidence that Pharmacist.com hack involved patient records (updated)
As I had suggested previously in several tweets, those involved in the hack of Pharmacist.com may not have understood some of the data were that they acquired in the hack. They certainly didn’t understand the nature of their target. In a statement disclosing the hack, reproduced on CyberWarNews.info, the hackers had written: In an effort…
AU: Privacy Commissioner finds Act breached by super fund
ABC (AU) reports an update on a situation previously mentioned on this blog where simple url manipulation exposed information: A superannuation company that allowed the private details of its customers to be leaked online has been found to have breached the Privacy Act. In September last year, a flaw was discovered in First State Super’s computer systems,…
TN: Personal Records Found in Dumpster
Some breaches make me want to curse. This news report out of Sevierville, Sevier County in Tennessee makes me want to yell, “When the hell are businesses going to start getting fined for just dumping unshredded files with PII?” … Kim Pierce runs a video store in Sevierville and was shocked at what she found…
Ca: Government kiosks pulled from service
Kim Zarzour reports: ServiceOntario kiosks at Vaughan Mills and Promenade Mall were two of the four locations where a security breach prompted the government to shut down all 72 of the electronic booths across Ontario this week. The automated self-service kiosks at the two York Region sites, along with booths at Albion Centre in Etobicoke…
Potential class action targets Emory Healthcare over patient data breach
Emory Healthcare is the target of a potential class action suit seeking unspecified damages over the loss of 10 computer disks containing the personal and health information of hundreds of thousands of patients treated between 1999 and 2007. The suit seeks money damages and financial record monitoring for a class it estimates as including as…