Non-U.S. – Page 15 – DataBreaches.Net

Unprecedented increase in liability for personal data leaks in the Russian Federation to take effect in May 2025

Posted on December 4, 2024 by Dissent Doe

Advant Beiten writes: A law increasing administrative liability for personal data leaks was signed on 30 November 2024 (No. 420-FZ) (the “Law“). The Law will enter into force on 30 May 2025. A new article of the Criminal Code of the Russian Federation also enters into force on 11 December 2024. It establishes liability for the illegal use and/or transfer,…

Bolton Walk-In Clinic in Ontario: lock down your backup already!

Posted on December 3, 2024December 17, 2024 by Dissent

DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the dime. Bolton Walk-In Clinic in Ontario has a data protection policy that says: We are…

PDPC: Breach of the Protection Obligation by HMI Institute of Health Science

Posted on November 30, 2024 by Dissent

A financial penalty of $10,000 was imposed and directions were issued to HMI Institute of Health Science for failing to put in place reasonable security arrangements to protect the personal data of former students. Case No. DP-2405-C2321 HMI Institute of Health Science Pte. Ltd. (the “Organisation”) is a healthcare training provider in Singapore. On 2…

Administrative fine of €330,000 issued to Polish medical company after a hacking incident

Posted on November 29, 2024 by Dissent

Background information Date of final decision: 20 May 2024 National case Legal Reference (s): Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 32 (Security of processing) Decision: Administrative fine, Compliance order Key words: Accountability, Administrative fine, Data subject rights, Hacker attack, National identification number, Responsibility of the controller…

Russia arrests cybercriminal Wazawaka for ties with ransomware gangs

Posted on November 29, 2024November 29, 2024 by Dissent

Sergiu Gatlan reports: Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. While the prosecutor’s office has yet to release any details on the individual’s identity (described as a “programmer” in court documents),…

Cyberattack on debt acquisition firm Cabot involved theft of 394,000 data files, court hears

Posted on November 29, 2024 by Dissent

The Irish Times reports: A cyber attack targeting acquisition and credit servicing firm Cabot involved theft of some 394,000 data files, including material related to its direct customers and its loan book, the High Court has heard. Cabot Financial (Ireland) Ltd, Cookstown Court, Old Belgard Road, Tallaght, Dublin, claims there are “persons unknown” behind the attack along with a…