From Out-Law.com: The Information Commissioner’s Office (ICO) in the UK cannot force companies to pay compensation to consumers affected by a data breach, the watchdog has confirmed. On Monday, the UK’s culture minister Ed Vaizey told MPs in the House of Commons that it would be “a matter for the Information Commissioner’s Office and TalkTalk to decide…
Category: Business Sector
OAIC accepts TeleChoice’s response to shipping container data breach
Corinne Reichart reports: TeleChoice has had an enforceable undertaking accepted by the Office of the Australian Information Commissioner (OAIC), promising to review its data security practices after the mobile services reseller’s customer information was found in a shipping container on publicly accessible land. The enforceable undertaking [PDF] will see TeleChoice, which resells Telstra’s 3G network, provide its…
Target Court Upholds Attorney-Client Privilege in Cyber Investigations
Stuart Altman and Michelle Kisloff write: In a decision issued late last Friday, the United States District Court for the District of Minnesota rejected an effort by class action Plaintiffs to access materials created in the course of Target’s investigation of its 2013 payment card breach that Target claimed were protected by the attorney-client privilege and…
UK: Thousands of Morrisons employees to sue bosses over huge data breach
It’s unusual to see a data breach lawsuit in the U.K., so this one will be one to watch. The Yorkshire Evening Post reports that approximately 2,000 employees are suing supermarket chain Morrisons over an insider data breach that involved the theft and posting online of the financial and personal details of 99,998 fellow employees by a…
Teen arrested in TalkTalk hack (UPDATE2)
Ben Quinn and Miles Brignall report: A 15-year-old boy has been arrested in Northern Ireland in connection with the cyber-attack on TalkTalk’s website. The arrest is the first major development since the phone and broadband provider said last week it had been hacked, prompting warnings from the company that the bank details and personal information of its four…
UK: Experian rules out GOV.UK Verify changes after T-mobile data breach
Neil Merrett reports: Experian has opted against making any immediate changes to the service it offers as a contracted identity provider for GOV.UK Verify following an unrelated data breach last month of one of its servers that contained some identifying information of T-Mobile customers in the US. Experian is among five companies currently accredited to…