As seen on the European Data Protection Board (EDPB): The Norwegian Data Protection Authority has fined the Municipality of Indre Østfold EUR 20 000 (NOK 200,000) for a confidentiality violation. Personal data that should have been restricted was available to unauthorized persons. The Municipality of Indre Østfold, formerly the Municipality of Askim, published the records…
Category: Government Sector
Unsecured: Jamaica’s immigration website exposed thousands of travelers’ data
Zack Whittaker reports: A security lapse by a Jamaican government contractor has exposed immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year. The Jamaican government contracted Amber Group to build the JamCOVID19 website and app, which the government uses to publish daily coronavirus figures and allows…
UPDATED: California DMV halts data transfers with third-party company after Automatic Funds Transfer Services security breach
Update: As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any…
In: Exclusive: Congress puts personal data of thousands of its supporters at risk, massive security loophole found on its website
OpIndia staff report: The recently launched drive by the Congress party to induct a whopping 5 lakhs ‘social media warriors’ to support the party has turned out to be an exercised marred with massive security loopholes. The Congress IT cell seems to have slipped even in employing basic IT security systems in place for this…
BE: Seraing: the City hit by a cyber attack!
DHNet reports (translation): Last weekend, the city of Seraing reported that its services were temporarily inaccessible to the public and for a reason beyond its control. Indeed, since the computer network of the city of Seraing was the victim of a malicious attack! A complaint has been filed. As specified to the city of Seraing,…
Bannock County, Idaho – Notice of Data Security Event
February 11, 2021 – Bannock County, Idaho (“Bannock County”) is providing notice of a data privacy event related to certain individuals associated with Bannock County. Bannock County takes this event seriously and is providing information about the event and steps individuals may take to help protect impacted individuals’ personal information, should they feel it is…