Darren Pauli reports: A popular Brazilian newspaper has been hacked by attackers who used code that attacked readers’ home routers, says researcher Fioravante Souza of web security outfit Sucuri. Attackers implanted iFrames into the website of Politica Estadao, which when loaded began brute force password guessing attacks against users. Read more on The Register.
Category: Non-U.S.
(Another) WINZ privacy blunder
John Cousins and Fritha Tagg report: Confidential documents detailing the mental health conditions of beneficiaries were given to a woman in a major privacy blunder. Waihi resident Tracy Hall says the documents, which contain the names, phone numbers and mental health details of dozens of Work and Income clients, were given to her in error….
Ernst & Young accused by Canadian of massive data breach
Ellen Messmer reports: A used computer dealer in Canada claims he discovered a trove of Ernst & Young customer business data on Dell servers bought back in 2006 — and he wants the global consultancy to pay him to return the data. But is the breach for real or just a hoax? Mark Morris, who…
Irish Water confirms possible breach of data protection
From RTÉ: Irish Water has confirmed a possible breach of data protection may have occurred after it sent information packs with the wrong names to over 6,000 customers. The water company said it occurred with packs sent to the owners of multiple properties. The company has contacted the customers involved. They also alerted the Data…
UK: Isle of Scilly Council ordered to review procedures following data incidents
From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has ordered the Council of the Isle of Scilly to implement new data protection policies and training after two data breaches involving the disclosure of personal data. The first breach occurred in June 2013 when an attachment inadvertently included in an email revealed personal data…
Earthquake data privacy breach ‘avoidable’
Charles Anderson reports: A review of the Earthquake Commission’s handling of the privacy breach that revealed the details of all Canterbury claimants found the error could have been avoided. The breach might not have happened if EQC had learned lessons from a similar breach at another government agency, the review said. In early 2013, 83,000…