Troy Hunt writes: It’s a bit hard to even know where to begin with this one, perhaps at the start and then I’ll try and piece all the bits together as best I can. As you may already know if you’re familiar with this blog, I run the service Have I been pwned? (HIBP) which…
Category: Business Sector
UK: Marks & Spencer Website Suspended After Customer Data Breach
Tom Jowitt reports: Marks & Spencer temporarily suspended its website on Tuesday night after “technical difficulties” that exposed customer information to other website users. But the British retailer insisted that its website was not hacked by outside third parties, and there is no security risk for affected customers. Read more on TechWeek Europe.
TalkTalk requiring upset customers pay contract termination fee after data breach
From the if-they-have-a-PR-firm-are-they-even-listening-to-them dept: TalkTalk is becoming the poster child for poor PR and how NOT to respond after a data breach. In today’s installment, the BBC reports that the firm will only waive contract termination fees if the customer has had money stolen from them. “In the unlikely event that money is stolen from…
UK: ICO confirms issue of data breach compensation a matter for consumers to pursue with companies or via the courts
From Out-Law.com: The Information Commissioner’s Office (ICO) in the UK cannot force companies to pay compensation to consumers affected by a data breach, the watchdog has confirmed. On Monday, the UK’s culture minister Ed Vaizey told MPs in the House of Commons that it would be “a matter for the Information Commissioner’s Office and TalkTalk to decide…
OAIC accepts TeleChoice’s response to shipping container data breach
Corinne Reichart reports: TeleChoice has had an enforceable undertaking accepted by the Office of the Australian Information Commissioner (OAIC), promising to review its data security practices after the mobile services reseller’s customer information was found in a shipping container on publicly accessible land. The enforceable undertaking [PDF] will see TeleChoice, which resells Telstra’s 3G network, provide its…
Target Court Upholds Attorney-Client Privilege in Cyber Investigations
Stuart Altman and Michelle Kisloff write: In a decision issued late last Friday, the United States District Court for the District of Minnesota rejected an effort by class action Plaintiffs to access materials created in the course of Target’s investigation of its 2013 payment card breach that Target claimed were protected by the attorney-client privilege and…