From the Information Commissioner’s Office, this release: The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people. An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World…
Category: Business Sector
Avid Technology reports a breach that they discovered in 2018
What should states do when notification is made but took more than one year? Are explanations sufficient to avoid any penalties for late notice? Here’s a case where notice to some individuals was made more than 7 months after discovery of a problem, but others did not get notified for more than one year. Read…
Booking data stolen from Japanese short-time love hotel booking service HappyHotel
Duncan Riley reports: Japanese short-time love hotel search engine HappyHotel has suffered a data breach in which the details of clients were accessed by unknown hackers. The breach occurred on Dec. 22, with usernames, passwords, date of birth, phone numbers and home addresses of customers all being stolen. “Love hotels” are accommodations where people take…
KS: Computer Programmer Sentenced In Cyberattack Threat Case
A Wichita computer programmer was sentenced today to three years federal probation and a $2,000 fine for threatening cyberattacks against two web sites that posted criticism of Wichita lawyer Brad Pistotnik, U.S. Attorney Stephen McAllister said. David Dorsett, 37, Wichita, Kan., pleaded guilty to two counts of making extortionate threats via the internet. In his…
What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.
In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…
FTC Finalizes Settlement with Utah Company and its former CEO over Allegations they Failed to Safeguard Consumer Data
The Federal Trade Commission has granted final approval to a settlement with a Utah-based technology company related to allegations that the firm failed to put in place reasonable security safeguards, allowing a hacker to access the personal information of more than a million consumers. The FTC alleged that InfoTrax Systems, L.C. and its former CEO Mark Rawlins failed to…