Alexander J. Martin reports that the Home Office had 33 data breaches during the last financial year, but did not report any of them to the Information Commissioner’s Office (ICO). The incidents were disclosed in the department’s annual report and accounts 2014-15 (PDF). There’s nothing illegal about the failure to notify the ICO, however. Martin reports: The number…
Category: Commentaries and Analyses
National Association of Attorneys General: Federal Data Breach Legislation Should Not Preempt States
The National Association of Attorneys General (NAAG) sent a letter today to congressional leaders urging them to ensure that federal data breach legislation preserves states’ ability to enforce state laws in order to protect consumers from data breaches and identity theft. Most of the federal bills related to data security and data breach notification pending…
GhostShell Returns with a New Hacking Concept – Dark Hacktivism
Ionut Ilascu writes: Breaking into the systems of an organization and accessing files without authorization is regarded as trespassing. The motivation behind this act can be anything from financial gain to proving one’s skills among fellow hackers. No matter the reasons, the success of such an action is most of the times due to lack…
Poor security at Japan Pension Service preceded cyber-attack / Most leaked files not protected by passwords
Yomiuri Shimbun reports: An investigation into the recent unauthorized access of personal information from the Japan Pension Service found that 99 percent of the files accessed were not protected by passwords, sources said. This contrasts with multiple reports issued since 2013 by all JPS offices nationwide claiming full compliance on password rules. If the files…
Breach snobs
So Harvard gets hacked and dozens of media outlets dutifully headline it. But when millions of students, faculty, and staff at Maricopa County Community College District (MCCCD) had their hacked personal and financial information up for sale after MCCCD failed to properly secure their network following an earlier hack, most media outlets never even mentioned it – and…
UK: Privacy watchdog ICO slashes its fines in half
Kat Hall reports: The total value of fines issued by the UK Information Commissioner’s Office has halved compared with last year – despite the watchdog receiving roughly the same number of complaints about data protection. In 2014/15, the ICO issued £1.1m in so-called civil monetary penalties, £386,000 of which were for companies behind nuisance calls…