Catharine Tunney reports: The RCMP inadvertently sent an account of someone’s suicide attempt to the wrong email chain, leaving the details in the inboxes of more than 160 people, according to a report on the mishap. The email included the person’s name and date of birth, details of the suicide attempt, the injuries they sustained…
Category: Commentaries and Analyses
ROMANIA: Romanian Data Protection Authority issues fine for inappropriate TOMs
Andrei Stoica of DLA Piper writes: Just days after proudly announcing its first fine under the GDPR, the Romanian Data Protection Authority has done it again: World Trade Center Bucharest S.A. must pay 15,000 euro for breaching the provisions of Art. 32 para. (4) GDPR corroborated with Art. 32 paras. (1) and (2) GDPR. What…
Ransomware Attacks Create Dilemma For Cities: Pay Up Or Resist?
Wade Goodwyn reports: It’s been a bad summer so far for government information systems. Hackers have used ransomware to attack the data networks of Baltimore, the Georgia courts system and Lake City, Fla., to name a few. And the decision as to whether to pay the extortionists ransom is fraught. Pay them, get the decryption…
Quebec, federal Privacy Commissioners investigate Desjardins breach
From the Office of the Privacy Commissioner of Canada, an announcement concerning the alleged rogue insider breach at a financial institution that impacted the personal information of more than 2.9 million of its members, including 2.7 million individual members and 173,000 business members. On July 8, the Commissioner announced: The Commission d’accès à l’information du…
Anaesthetic devices ‘vulnerable to hackers’
Chris Baraniuk reports: A type of anaesthetic machine that has been used in NHS hospitals can be hacked and controlled from afar if left accessible on a hospital computer network, a cyber-security company says. A successful attacker would be able to change the amount of anaesthetic delivered to a patient, CyberMDX said. Alarms designed to…
UK: Security Medway Council reforms eforms to stop blurting out residents’ details
Jude Karabus reports: Medway council in Kent has corked a hole in its website that spat out residents’ names, mailing addresses, phone numbers and email addresses after a Reg reader got in touch to complain. The breach appeared courtesy of some of Medway Council’s electronic forms. The council’s eforms were conceived during a collaboration of…