Barry Cooper reports: More than two thousand British Gas customers have had their personal details posted online after a security breach. The energy firm has moved to reassure the 2,200 customers affected that despite email addresses and account passwords being placed online, their bank account information has not been put at risk. While no credit card information…
Category: Business Sector
Breaches, traders, plain text passwords, ethical disclosure and 000webhost
Troy Hunt writes: It’s a bit hard to even know where to begin with this one, perhaps at the start and then I’ll try and piece all the bits together as best I can. As you may already know if you’re familiar with this blog, I run the service Have I been pwned? (HIBP) which…
UK: Marks & Spencer Website Suspended After Customer Data Breach
Tom Jowitt reports: Marks & Spencer temporarily suspended its website on Tuesday night after “technical difficulties” that exposed customer information to other website users. But the British retailer insisted that its website was not hacked by outside third parties, and there is no security risk for affected customers. Read more on TechWeek Europe.
TalkTalk requiring upset customers pay contract termination fee after data breach
From the if-they-have-a-PR-firm-are-they-even-listening-to-them dept: TalkTalk is becoming the poster child for poor PR and how NOT to respond after a data breach. In today’s installment, the BBC reports that the firm will only waive contract termination fees if the customer has had money stolen from them. “In the unlikely event that money is stolen from…
UK: ICO confirms issue of data breach compensation a matter for consumers to pursue with companies or via the courts
From Out-Law.com: The Information Commissioner’s Office (ICO) in the UK cannot force companies to pay compensation to consumers affected by a data breach, the watchdog has confirmed. On Monday, the UK’s culture minister Ed Vaizey told MPs in the House of Commons that it would be “a matter for the Information Commissioner’s Office and TalkTalk to decide…
OAIC accepts TeleChoice’s response to shipping container data breach
Corinne Reichart reports: TeleChoice has had an enforceable undertaking accepted by the Office of the Australian Information Commissioner (OAIC), promising to review its data security practices after the mobile services reseller’s customer information was found in a shipping container on publicly accessible land. The enforceable undertaking [PDF] will see TeleChoice, which resells Telstra’s 3G network, provide its…