Help Net Security reports: A growing number of data breaches and security incidents can be directly linked to poor code quality, according to CAST. The data reveals finance and retail industry applications are the most vulnerable to data breaches, with 70 percent of retail and 69 percent of financial services applications shown to have data input…
Category: Commentaries and Analyses
MD: Ride On officials investigate potential passenger privacy breach
Kevin Wilson reports on some great advocacy efforts by a parent: Is Montgomery County safely storing your child’s confidential information? A local mother says, “No.” Bethesda resident Kathy Gambrell became troubled while signing up her 12-year-old son, Dakota, for a discounted bus card. The pass, called the Youth Cruiser SmarTripcard, provides unlimited Ride On bus service to…
AU data breach notification guide: A guide to handling personal information security breaches
The Office of the Australian Information Commissioner has released Data breach notification guide: A guide to handling personal information security breaches. Some excerpts: Preventing data breaches — obligations under the Privacy Act Security is a basic element of information privacy.4 In Australia, this principle is reflected in the Privacy Act in the APPs Agencies and…
NZ: Have your say on their new ‘Naming Policy’
From the Office of the Privacy Commissioner of New Zealand: We think it is time to ‘name names’ where it is warranted. Our view is that in certain circumstances, the Privacy Act is better served by revealing the organisations that have breached the law. Up to now, we’ve rarely publicly named organisations. It was done…
UK: Repeated security failings lead to £180,000 fine for Ministry of Justice
Long-time readers of DataBreaches.net will recall that I’ve posted breaches involving the UK Ministry of Justice before (cf this post or this post about a monetary penalty involving an email breach at HMP Cardiff). Now there’s another monetary penalty, it seems: The Information Commissioner’s Office (ICO) has served a £180,000 penalty on the Ministry of Justice over…
UK: Customer data loss soars at financial firms
Tessa Norman reports: The number of customer data loss incidents reported to the FCA [Financial Conduct Authority] has increased significantly in the past year. A Freedom of Information request published by the FCA shows that in 2013, the regulator was notified of 13 incidents where firms have lost customer data or had it stolen. Some…