Popular cosmetics chain Lush has been attacked by hackers, with consumer credit card information and personal details having been used for fraudulent purchases. It appears as though the hackers may have been stealing sensitive data for up to four months, and Lush has advised consumers to contact their banks if they thought their details had…
Category: Non-U.S.
Criminal finance database security worries peers
Alex Stevenson reports: A database monitoring 1.5 million suspicious criminal transactions may be insecure, a committee of peers has warned. The House of Lords’ EU committee backed the view of the information commissioner that access to the Serious Organised Crime Agency’s Elmer database may be too wide. The database is Soca’s main tool in identifying…
UK: Police apologize over data loss incidents but need crystal ball at this point
This is somewhat painful to read. Maybe Jack Nicholson’s available to do a movie we could call, “As Bad as It Gets?” James Burke reports: Police in Gloucestershire have admitted to a data loss incident involving confidential details, although the force also confesses it has no idea what information was lost. An investigation by the…
UK: Lush website hack ‘exposes credit card details’
John Leyden writes: Luxury cosmetics firm Lush has ditched its UK website in response to a sustained hacking attack which left users vulnerable to credit card fraud. The firm warns that credit card details submitted to the Lush.co.uk site between 4 October and 20 January may have been compromised by the assault by unknown hackers….
Sydney Festival in privacy glitch
Luke Hopewell reports: Organisers behind the annual Sydney Festival have inadvertently committed a privacy breach by sending an email to users that displayed the contents of its mailing list. The email contains the email addresses of around 130 people who registered for a festival mailing list, some from government departments, Sony Music, JP Morgan and…
NSW Privacy Commissioner investigates University of Sydney data breach
Ben Grubb reports: NSW acting privacy commissioner John McAteer today said that his office was “examining” a data breach through which the detailed records of thousands of University of Sydney students past and present were leaked. The records were being stored online where they could be downloaded easily and read via an internet connection. It…