Jon Baines raises some interesting points in his discussion of a UK case where charges against police officers for violating the Data Protection Act were dropped in light of questions about whether they had ever been adequately trained to understand their responsibilities. Jon asks whether that situation should trigger an investigation by the Information Commissioner’s…
Category: Non-U.S.
KC engineer ‘exposed unencrypted spreadsheet with phone numbers, user IDs, PASSWORDS’
Kelly Fiveash reports: Hull’s dominant telco, KC, is investigating revelations of what appears to be poor handling of the company’s customer data. This comes after a recent sign-up claimed one of its engineers had unwittingly exposed a customer spreadsheet containing the telephone numbers, user IDs and unencrypted passwords of all its subscribers. Read more on…
Tokyo ordered to pay damages to Muslim victims of privacy breach
There’s a follow-up to a breach covered previously on this site involving a data leak from the Metropolitan Police Department in Tokyo. The Tokyo District Court ordered the Tokyo Metropolitan Government to pay 90 million yen (around $860,000) in damages to 17 Muslims for the breach of privacy lawsuit they filed against the city. Around 114 documents were leaked…
Australian police investigating teen who found database flaw
Jeremy Kirk reports: An Australian teenager who notified a public transport agency of a serious database flaw is under police investigation. Joshua Rogers, 16, of Melbourne, found a SQL injection flaw in a database owned by Public Transport Victoria (PTV), which runs the state’s transport system. The flaw allowed access to a database containing 600,000…
ZA: Hacker reveals e-toll website security flaw
Jan Vermeulen reports that a hacker has reported a vulnerability in the SANRAL website that exposes user information: This is due to a page on the South African National Roads Agency Limited (Sanral) website which can be exploited to expose the PIN of any registered e-toll website user. The page is intended to be used…
Pointer: MMMOOO hacked – 86,369 User Credentials Leaked
Over on CyberWarNews.info, Lee reported: Today a group of hackers going by the name hitlersec have been announcing some breaches and one of the is MMMOOO (http://www.immmooo.com/en/). MMMOOO is a website owned and operated by Shanghai Jibiao Info Tech Co., Ltd, and is a mobile phone application aimed at the Chinese market. Read more on Cyber…