Gwent Police investigated for failing to disclose possible compromise of personal information

Alexander J. Martin reports:

Gwent Police is being investigated after failing to inform hundreds of people that hackers may have accessed their confidential reports to the force.

Sky News has learned that up to 450 people who filed reports through an online tool over a two-year period could have been put at risk by hackers due to security flaws.

Although the tool was decommissioned after an internal security review discovered that confidential information was being exposed, the force did not inform the individuals who were affected.

Read more on Sky News. It seems that they didn’t have enough data going back far enough to determine whether the data had actually been accessed. So what happened to the “in an abundance of caution” mentality? When in doubt, they should have notified, shouldn’t they have?

Au: Junior doctor faces fresh toilet spying charges as probe widens to other major hospitals
U.S. nuclear and health agencies hit in Microsoft SharePoint breach
Russia suspected of hacking Dutch prosecution service systems
Korea imposes 343 million won penalty on HAESUNG DS for data breach of 70,000 shareholders
Paying cyberattackers is wrong, right? Should Taos County's incident be an exception? (1)
IVF provider Genea notifies patients about the cyberattack earlier this year.

Related: