Have civil monetary penalties (CMP) for data protection breaches had any impact in the U.K.? The Information Commissioner’s Office has had the authority to issue such penalties since April 2010 for serious breaches of the Data Protection Act (DPA), and since May 2011 for serious breaches of the Privacy and Electronic Communications Regulations (PECR). From…
Category: Non-U.S.
JP: Gifu police leak data to private company on local opposition to turbine project
As reported by the Asahi Shimbun: Officers with the Gifu Prefectural Police leaked personal information to a Chubu Electric Power Co. subsidiary about residents and others opposed to a plan to construct wind turbines in their neighborhood. Their actions could constitute a violation of the Local Public Service Law that imposes confidentiality obligations on local…
ZA: How to wreck customer relations
Wendy Knowler reports: As corporate mess-ups go, it was pretty big. A “pre-legal credit controller” employed by cellphone service provider Altech Autopage sent an e-mail to 45 of its subscribers earlier this month, many of them former subscribers, telling them to pay up or face the consequences. “We refer to your Altech Autopage account which…
European Central Bank receives blackmail letter after hack
The Local reports: The European Central Bank in Frankfurt has received a blackmail letter after its public website was hacked and contact data stolen, the bank said on Thursday. “There has been a breach of the security protecting a database serving (our) public website,” the ECB said in a statement. “This led to the theft…
UK: Online travel services company hit with monetary penalty by ICO following hack
From the Information Commissioner’s Office: Think W3 Limited, an online travel services company, has been served a £150,000 monetary penalty after a serious breach of the Data Protection Act revealed thousands of people’s details to a malicious hacker. The company was hacked in December 2012 after using insecure coding on the website of a subsidiary business, Essential…
Update: Benesse data theft suspect’s smartphone had info on 22.6 million customers
Updated breach estimate and scope: Education services provider Benesse Corp. said personal data on 22.6 million customers were stored on a smartphone owned by the Tokyo systems engineer under arrest on suspicion of theft and illegal copying of customer data. While announcing the figure Monday, Benesse, a subsidiary of Benesse Holdings Inc., said the stolen…