The monetary penalties levied against ride-sharing giant Uber for covering up a 2016 breach continue to mount. From the ICO’s office: The Information Commissioner’s Office (ICO) has fined ride sharing company Uber £385,000 for failing to protect customers’ personal information during a cyber attack. A series of avoidable data security flaws allowed the personal details…
Category: Business Sector
Data Protection Authority of Baden-Württemberg Issues First German Fine Under the GDPR
Here’s a more detailed analysis of the GDPR fine of 20,000€ levied against a German flirting site, knuddels.de. Dr. Henrik Hanssen and Dr. Stefan Schuppert write: In the first fine issued by a German data protection authority under the European General Data Protection Regulation (“GDPR”), on 21 November 2018 the authority of the German state…
Noida: Two leak legal firm’s data to former employee, held
TNN reports: Two business associates of a legal service provider have been arrested for allegedly leaking confidential data of the company and its clients, mostly based abroad, to a former employee. Officials of the company said they came to know that Umar Ikhlaq, who had resigned from the firm to join another Mumbai-based company in…
Brazilian personal data was exposed….. again
Bob Diachenko recently reported on yet another massive data exposure: On November 12th, when auditing the search results for open/exposed Elasticsearch databases with Binaryedge.ioplatform, we have found what appeared to be a collection of personal records compiled by FIESP, the Federation of Industries of the State of São Paulo. FIESP is the largest class entity…
PageUp investigation found no evidence of data theft, company says
Rohan Pearce has an update to a breach that was first disclosed in June, 2018: HR software company PageUp says that a forensic expert it engaged to examine its systems has found “no specific evidence” that data was stolen during a security breach earlier this year. Read more on Computerworld.
Another ‘decision makers’ database leaked
Depressingly, Bob Diachenko of Hackenproof writes: These days it’s quite easy for an ordinary person to get the contact details of any business or organization for a certain fee or subscription. However, should seemingly non-sensitive data be so easily available? 123GB of personal data exposed On November 5th, we discovered an open and unprotected MongoDB…