Sofia Mandelert, Thamilla Talarico, Nuria López and Renato Gomes Malafaia of Daniel Law write: Following procedures contained in the LGPD (Brazil’s new data protection law), the international company Enel, with operations in Brazil, has started contacting its customers in relation to a data breach affecting the data of at least 300 thousand clients in the…
Category: Non-U.S.
Mensa Website Hacked After Britain’s Smartest Folk Failed To Secure Passwords
Barry Collins reports: British Mensa, the society for people with high IQs, failed to properly secure the passwords on its website, prompting a hack on its website that has resulted in the theft of members’ personal data. Eugene Hopkinson, a former director and technology officer at British Mensa, stood down this week, claiming that the…
Ca: Premier Tech victim of a cyberattack
Translation of reporting by Samuel Gosselin Belanger: Premier Tech has been managing a real crisis for several days. The company confirmed, Friday morning, that the computer failure that has affected the company since Tuesday is in fact a cybersecurity incident. […] For the moment, the Rivière-du-Loup company refuses to say if a ransom has been…
FR: CNIL Fines a Data Controller and Its Processor 225,000 Euros for Security Violation in Connection with Credential Stuffing
Hunton Andrews Kurth writes: On January 27, 2021, the French Data Protection Authority (the “CNIL”) announced (in French) that it imposed a fine of €150,000 on a data controller, and a fine of €75,000 on its data processor, for failure to implement adequate security measures to protect customers’ personal data against credential stuffing attacks on the website…
Take responsibility when you are hacked, hacker advises Indian companies
So now ShinyHunters is telling Indian companies that they must take full responsibility if their data is hacked?
UKRI issues statement about ransomware attack
GC reports: The UK Research and Innovation (UKRI) has sustained a cyber attack adversely affecting several of its web assets, which has resulted in data being encrypted by a third party. After reporting the incident to the National Crime Agency, the National Cyber Security Centre and Information Commissioner’s Office, UKRI stated that at this point…