The Norwegian data protection authority (Datatilsynet) has imposed an administrative fine of NOK 250,000 [USD $22,669.69] on Grue municipality for breach of GDPR requirements. They explain: Personal data that should have been confidential was made available to unauthorised persons in the municipality’s public records. This constitutes a breach of the municipality’s duty to ensure adequate…
Category: Exposure
Fr: Macron’s bodyguards reveal his location by sharing Strava data
Iain Thomson reports: The French equivalent of the US Secret Service may have been letting their guard down, as an investigation showed they are easily trackable via the fitness app Strava. An investigation by Le Monde has shown that members of the Security Group for the Presidency of the Republic (GSPR) have been openly displaying…
Hackers Disable Internet Archive’s Wayback Machine Once Again
Matt L. Hall reports: Hackers have again created havoc with the Internet Archive and its Wayback Machine, just one day after the site reported it had been restored. While Archive-It and the Internet Archive blog are still up, currently, the rest of IA’s services are seemingly unavailable. That means if you’re an avid user of…
Double trouble: DoctorsToYou has not one, but two data security incidents to address
On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…
600,000 Prison Inmates to Share in $6.49M Breach Settlement
Marianne Kolbasuk McGee A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records. The incident affected inmates who received medical care between January 2012 and July 2022…
Ie: PSNI fined £750,000 for ‘egregious’ data breach
Ireland Live reports: The Police Service of Northern Ireland has been fined £750,000 for an “egregious” data breach in which the personal information of staff and officers was released. The Information Commissioner’s Office (ICO) fined the organisation for the “serious” breach that left many PSNI workers fearing for their safety and said “simple-to-implement” procedures could…