Barb Pacholik reports: While snooping in SGI’s database earned a Highways Ministry traffic officer a suspension, the province’s privacy watchdog wants a longterm plan to prevent such breaches. “We take this very seriously. This is not acceptable behaviour. That’s why the individual was suspended for 20 days without pay,” Highways Minister Don McMorris told reporters…
Category: Non-U.S.
Witchery pulls mobile site after customer details exposed
Sarah Michael reports: Witchery has shut down its mobile website after it was hit with a security breach that exposed customers’ personal details and orders. A glitch in the “track my order” function for online shopping opens personal details pages of other customers, and even allows them to edit the information. It also allows them…
Vodafone Iceland breached, customer details, SMSes stolen
Michael Lee reports: Vodafone Iceland is now in the middle of an investigation into how its website was attacked and customer data information, including SMS messages, were leaked to the public. On November 30, the company’s Icelandic website was defaced by attackers and subsequently taken offline. At the time, Vodafone did not believe that any…
UK: An undertaking serves as a reminder that all employees need to be trained on data protection
The Information Commissioner’s Office (ICO) notes that an Undertaking has been signed by the Royal Borough of Windsor & Maidenhead, following an incident in which restricted information about 257 employees was disclosed on its intranet in error. The incident occurred in January of 2013 when a spreadsheet with details on employees who had not signed…
UK: Foyle Women’s Aid undertaking and follow-up
I guess the Information Commissioner’s Office (ICO) doesn’t publicly post all undertakings, as we are first finding out about an August undertaking in November, when a follow-up was conducted and disclosed. In June 2012, the ICO learned that a folder belonging to a Criminal Justice Support worker employed by Foyle Women’s Aid, was left in a…
UK: Council criticized for data protection breaches
BBC reports: A report by the Information Commissioner said “immediate action is required” to ensure Anglesey council complies requirements (sic). It said “physical security and storage standards relating to manual records within the council’s offices were not appropriate”. The council says it has agreed an action plan to address concerns and said work was already…