Stacy Wu and Jay Chen report: CTBC Bank, one of Taiwan’s top financial institutions, was fined NT$4 million (US$134,000) Thursday for accidentally leaking the personal information of some 33,000 of its e-banking customers. The error allowed the average Internet user to view confidential data, intended for CTBC Bank staff only, for an undisclosed period of…
Month: August 2013
Ca: Security breach at Charlottetown ACOA office
Well, this may or may not be a breach, as they’re not saying what’s on the stolen computers. Nigel Armstrong reports: Four laptop computers are missing from a federal government agency in Charlottetown, but no one is commenting on what data might be in them. Staff at the Atlantic Canada Opportunities Agency at 100 Sydney…
CMS: One Hour to Report HIX Security Incidents
The Centers for Medicare and Medicaid Services is seeking to fast-track the rollout of a new process that state health insurance exchanges will use to report–within one hour–information security incidents. With the exchanges expected to open on October 1, CMS has submitted a request for an emergency review of the new reporting system from the…
Colorado medical marijuana patients protest privacy breaches
Kristen Wyatt of Associated Press reports: Medical marijuana patients asked Colorado health authorities on Wednesday to destroy and rebuild the state’s 107,000-person marijuana patient registry because of security breaches. The Board of Health unanimously rejected the emergency petition. But officials expressed alarm about a recent state audit showing the Colorado Department of Health and Environment…
San Francisco State College of Extended Learning reports breach; one of 500 entities breached
San Francisco State College of Extended Learning is notifying students that a server housing files with their personal information was compromised on March 25, 2013. The college learned of the breach on June 11, when it was notified by federal law enforcement that the server had been used by a group not affiliated with SF…
Austria: Under pressure: data breach notification must be made within 24 hours
Günther Leissler and Veronika Wolfbauer explain: The European regulatory framework on electronic communications obliges providers of public electronic communications services to notify personal data breaches to their national authorities.(1) However, the European Commission recently found a lack of harmonisation among member states in this respect, and exercised its power to issue technical implementing measures on the…