From Hunton Andrews Kurth: On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates. Read more…
Category: Business Sector
FIN8 hackers return after two years with attacks against hospitality sector
Catalin Cimpanu reports that researchers claim to have spotted evidence of ongoing and increasing FIN8 activity: But in a report published today, cyber-security firm Morphisec said it detected and stopped new FIN8 attacks aimed at companies in the hospitality industry. These new attacks leveraged the same malware the group had used in the past but…
UK: TalkTalk hacker Daniel Kelley sentenced to 4 years in jail
From the Crown Prosecution Service: A blackmailing hacker behind the TalkTalk cyber-attack – which cost the company £77million after the personal details of 157,000 customers were stolen – has today (10 June) been sentenced. Daniel Kelley, 22, admitted targeting at least six organisations by threatening to sell their hacked data on the ‘dark web’ unless…
CBP says traveler and license plate images were stolen in data breach
Zack Whittaker reports: U.S. Customs and Border Protection has confirmed a data breach has involved the photos of passengers traveling in and out of the United States. The photos were obtained from a subcontractor’s network through a “malicious cyberattack,” a CBP spokesperson told TechCrunch. The agency first learned of the breach on May 31. “CBP…
Former Corp IT Director Convicted of Computer Fraud
Rachel Cohen reports on a hacking incident involving Corp-Students of Georgetown, Inc. (“The Corp.”). Former Georgetown student Justice Suh pleaded guilty on one count of computer fraud for hacking The Corp’s email system. The federal government charged Suh in D.C. federal court in April 2019, and the U.S. government representative in this case recommended a…
SG: Firm fined $4k by PDPC for leak of more than 400 national servicemen’s data
Lim Min Zhang reports: A firm has been fined $4,000 by Singapore’s privacy watchdog for the leak of the personal data of more than 400 national servicemen on June 12 last year due to a technical error. The data comprised the log-in identifications, e-mail addresses, delivery addresses and mobile phone numbers of 427 men from…