John Leyden of The Register reports: The website of science journal Nature has suffered a security breach that resulted in the potential exposure of users’ login credentials. The login credentials were stored in an encrypted form, making them hard to extract. But Nature.com has still opted to reset the passwords of affected users, as a…
Category: Non-U.S.
UK: Children’s details published on website in council blunder
Annie Riddle of The Salisbury Journal reports that 146 special needs (i.e., special education) children had their personal details published on a Wiltshire County Council website. What makes this one worse is that the council had been alerted to the problem in 2004 and thought it had been taken care of back then. Two weeks…
Police in Romania detain 20 alleged hackers
The Associated Press reports that police in Romania have detained 20 people suspected of cloning the web sites of banks in other countries to deplete customers’ bank accounts. Individuals in both Spain and Italy were affected. In another case, police detained a person suspected of hacking into the servers of U.S. universities and government agencies,…
UK: List of health service security blunders exposed
Continuing what appears to be an increasing trend in the UK media to use freedom of information requests to obtain breach reports, Echo found that there had been 34 incidents involving patient data being lost or mislaid by health service staff in Gloucestershire since December 2007. The paper notes that the same request was sent…
BT rebuts vulnerability claims
(This is a follow-up to a story reported here). Today, John Leyden of The Register reports that BT.com claims that the flaws HackersBlog reported only involved test systems and that no customer data were at risk. Whether BT’s statement was issued before or after HackersBlog published more about the alleged vulnerability and databases they were…
Lost or Missing in the UK
Brian Meechan of BBC Wales reports that in 2007, a CD with the personal details of more than 2,300 crime victims was lost in the post by Gwent Police, but none of those affected were ever notified because the police decided that the data could not be accessed. The CD had been password-protected, but the…