Warren Riddle reports: Earlier this month, an unnamed hacker reportedly infiltrated a Nintendo 3DS promotional site and uncovered the names, e-mail addresses and postal codes of 4,000 Nintendo members. The assailant then allegedly blackmailed Nintendo because he believed “the firm had shown negligence in not securing the information more effectively.” According to Naked Security, Nintendo alerted the…
Category: Non-U.S.
Lush web sites in AU and NZ also hacked
Last month, this blog reported that the UK site of Lush cosmetics had been hacked. Three weeks later, Lush customers in Australia and New Zealand are being notified by email that those Lush sites were hacked as well. The breaches occur to be separate hacks and reportedly only affect those who placed orders online. The…
UK: Treasury does well out of local data breaches
Taxpayers’ money is being used to pay hundreds of thousands of pounds of fines imposed on councils for data protection breaches. In the past two months, the Information Commissioner’s Office (ICO) has fined councils more than £350,000 for falling foul of laws. Defending the decisions the ICO said the purpose of monetary penalties is to…
UK: Police officers and staff broke data laws 67 times in three years
Often, the only way we find out the scope of a problem is when the media or activists file a freedom of information request. Some data revealed thanks to a Freedom of Information request made by the Scunthorpe Telegraph: Humberside Police officers and staff breached data protection laws 67 times in the past three years,…
UK: Around 10,000 CRB background checks land in the wrong inbox
Gwent Police is taking remedial action after the Information Commissioner’s Office (ICO) found it in breach of the Data Protection Act for accidentally emailing results of Criminal Reference Bureau (CRB) checks performed by the force to a member of the public. An email containing a spreadsheet of the results of around 10,000 CRB enquiries was…
UK: Labour forum leaks email addresses
John Leyden reports: Basic design flaws on a Labour party members forum exposed the email addresses of users to harvesting. Surfers who register through the site http://members.labour.org.uk were invited to confirm their membership, and activate their account, by clicking on the link in an email sent to a specified account. The email follows the form…