Continuing what appears to be an increasing trend in the UK media to use freedom of information requests to obtain breach reports, Echo found that there had been 34 incidents involving patient data being lost or mislaid by health service staff in Gloucestershire since December 2007. The paper notes that the same request was sent…
Category: Non-U.S.
BT rebuts vulnerability claims
(This is a follow-up to a story reported here). Today, John Leyden of The Register reports that BT.com claims that the flaws HackersBlog reported only involved test systems and that no customer data were at risk. Whether BT’s statement was issued before or after HackersBlog published more about the alleged vulnerability and databases they were…
Lost or Missing in the UK
Brian Meechan of BBC Wales reports that in 2007, a CD with the personal details of more than 2,300 crime victims was lost in the post by Gwent Police, but none of those affected were ever notified because the police decided that the data could not be accessed. The CD had been password-protected, but the…
HK: Privacy Commissioner to investigate police data leakage
As a follow-up to what appears to be one toomany file-sharing leaks, the Office of the Privacy Commissioner for Personal Data has ordered an investigation.
UAE: Newspaper staff salaries leaked on internet
Salaries of Abu Dhabi-based newspaper The National’s entire editorial staff have been posted on Wikileaks. Makt006 Business has more on the impact.
HackersBlog exposes BT.com vulnerability (updated)
“Unu” of HackersBlog reports that they have been able to access at least one of UK telecom BT’s databases through SQL injection: A faulty parameter, improperly sanitized opens the vault to the pretious databases. One can gain access to such ordinary things as personal data, login data, and the like. In the first syntax I…