The London Borough of Greenwich recently signed an undertaking with the Information Commissioner’s Office following two incidents in which unencrypted personal and sensitive information were disclosed due to: (1) failure to encrypt and (2) sending sensitive information by e-mail to external addresses at all . From the undertaking: The Information Commissioner (the ‘Commissioner’) was provided…
Category: Non-U.S.
Another Korean data breach – GOMTV.NET reports hacker compromised user information, including passwords
Paul Ducklin reports that Seoul-based streaming media service GOMTV suffered a breach involving usernames and passwords. An email sent to customers on August 14 said: Dear Valued GOMTV.net users: We regretfully inform you that approximately at 2 AM KST, Aug.12th, there has been an attack against our web site, GOMTV.net. We have found that some…
HK: OFTA computer with personal data stolen
The Office of the Telecommunications Authority says a notebook computer belonging to a member of staff, which contains the personal data of more than 500 people, has been stolen. It said information stored in the computer includes personal details of OFTA’s Emergency Response System team and representatives of other government departments. OFTA has apologised to…
S. Korea plans to scrap online real-name system in wake of massive hack
It appears that a massive data breach affecting 35 million South Koreans who use popular portal and social networking sites Nate and Cyworld has served as a wake-up call for the government: The South Korea government will push ahead with plans to scrap the current real-name system for Internet users in the wake of the…
ICO failure to punish Lush for data breach sends wrong message, says SecurEnvoy
Warwick Ashford reports: The failure of the Information Commissioner’s Office to impose a monetary penalty against cosmetics firm Lush – for failing to protect thousands of customer records from hackers – sends out all the wrong messages, according to authentication firm SecurEnvoy. “What we have here is a major e-commerce web portal – run by a…
UK: Hack of Lush Cosmetics results in undertaking
Back in January, I noted that Lush Cosmetics had been hacked and customer data acquired and misused. The company reportedly only became aware of the breach after receiving reports from almost 100 customers who had become victims of card fraud. Today, the UK’s Information Commissioner’s Office revealed that Lush was required to sign an undertaking…