Oops. A follower on Twitter DM’d me a link to this breach notification from Stay Smart Online, an initiative of the AU government: Notification of Subscriber Data Loss Dear Subscriber We are writing to notify you that the Department has been advised by a former external contractor that a DVD which included information provided by…
Author: Dissent
Kaiser Permanente stuck in odd struggle with tiny Indio vendor
This news report by Chris Rauber appeared on June 1, but I just became aware of it thanks to a reader: Giant Kaiser Permanente has found itself locked in a David-and-Goliath-scale struggle with a tiny Southern California record storage vendor over up to 1 million unencrypted Kaiser patient records the vendor claims remain on servers in his…
EU wants breach notification for certificate authorities
Stewart Mitchell reports: European authorities plan to clamp down on certificate authorities, demanding security signing organisations speak up if hit by hackers. Certificate authorities – either private or government backed – issue digital certificates that verify web pages and code, and are a key component of the web running smoothly and securely. But as last…
Ca: BCIT warns medical database security breached
From CBC News: BCIT [British Columbia Institute of Technology] has issued a warning to students and staff after one of its computers servers containing the personal medical records of more than 12,680 students was hacked. The Vancouver-area post-secondary school says a regular security audit determined an unauthorized third party accessed the server used by the…
UK: Welcome Financial Services Limited Fined £150,000 After Backup Tapes With Customer Contact Info Lost
From the Information Commissioner’s Office: Organisations are learning the hard way of the consequences of mishandling people’s information – and others need to heed the lessons the Information Commissioner, Christopher Graham, warned today at the launch of the ICO’s 2011/12 annual report. The Commissioner’s comments came as the ICO imposed a civil monetary penalty (CMP) of…
Update: Federal appeals court raps U.S. bank over shoddy online security
Jeremy Kirk reports the latest twist in a long-running lawsuit by a construction firm against its bank over fraudulent wire transfers: A U.S. construction company may stand a greater chance of recovering some of the $345,000 it lost in fraudulent wire transfers that it blames on poor online banking practices of its bank. Patco…