The Daily Echo has a follow-up on a previously noted breach: A watchdog will take no further action against South Central Ambulance Service (SCAS) after personal details of its staff were accidentally posted online. Confidential details including sexuality, ethnicity and religion of nearly 3,000 of its staff were mistakenly published on the service’s website in October. Now the…
Category: Non-U.S.
Hackers pop Brazil newspaper to root home routers
Darren Pauli reports: A popular Brazilian newspaper has been hacked by attackers who used code that attacked readers’ home routers, says researcher Fioravante Souza of web security outfit Sucuri. Attackers implanted iFrames into the website of Politica Estadao, which when loaded began brute force password guessing attacks against users. Read more on The Register.
(Another) WINZ privacy blunder
John Cousins and Fritha Tagg report: Confidential documents detailing the mental health conditions of beneficiaries were given to a woman in a major privacy blunder. Waihi resident Tracy Hall says the documents, which contain the names, phone numbers and mental health details of dozens of Work and Income clients, were given to her in error….
Ernst & Young accused by Canadian of massive data breach
Ellen Messmer reports: A used computer dealer in Canada claims he discovered a trove of Ernst & Young customer business data on Dell servers bought back in 2006 — and he wants the global consultancy to pay him to return the data. But is the breach for real or just a hoax? Mark Morris, who…
Irish Water confirms possible breach of data protection
From RTÉ: Irish Water has confirmed a possible breach of data protection may have occurred after it sent information packs with the wrong names to over 6,000 customers. The water company said it occurred with packs sent to the owners of multiple properties. The company has contacted the customers involved. They also alerted the Data…
UK: Isle of Scilly Council ordered to review procedures following data incidents
From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has ordered the Council of the Isle of Scilly to implement new data protection policies and training after two data breaches involving the disclosure of personal data. The first breach occurred in June 2013 when an attachment inadvertently included in an email revealed personal data…