David Gambrill reports: Acting recklessly in breaching the confidential medical files of patients effectively falls within a hospital insurer’s commercial policy exclusion for committing an ‘intentional act,’ Ontario’s top court has ruled. The Ontario Court of Appeal found a hospital insurer, the Healthcare Insurance Reciprocal of Canada, does not have a duty to defend a…
Category: Non-U.S.
Pt: Hacker targets Lisbon hotel clients
The Portugal News reports: A hacker has infiltrated the Booking account of the Marino Boutique Hotel in Lisbon, and has managed to steal almost half a million euros in false bookings. According to CNN Portugal, the hacker established direct contact with hundreds of customers between 12 and 16 June, leaving the hotel without being able…
Chinese hackers targeting Russian government, telecoms: report
Jonathan Greig reports: Chinese hacking groups are targeting the Russian government and organizations in the telecommunications industry, according to a new report from cybersecurity company SentinelOne. The report found that there has been a noticeable increase in Russian targeting by suspected Chinese threat actors. Tom Hegel, senior threat researcher at SentinelOne, attributed the targeting to state-sponsored espionage…
No need to hack, when it’s leaking, Wednesday edition: WeWork India, Proud Makatizen in Philippines
Two large leaks involving personal information discovered by researchers. First up, Zack Whittaker reports: WeWork India has fixed a security lapse that exposed the personal information and selfies of tens of thousands of people who visited WeWork India’s coworking spaces. Security researcher Sandeep Hodkasia found visitor data spilling from the check-in app on WeWork India’s website, used…
Hungarian authority fines data controller EUR 7,500 data breach and rules free online services not suitable for high-risk processing
Dóra Petrányi, Katalin Horváth, Márton Domokos, and Daniella Huszár of CMS Cameron McKenna Nabarro Olswang LLP write: In the latest decision of the National Authority for Data Protection and Freedom of Information (NAIH), a data controller for a political party, responsible for a data breach where six Excel files were made publicly available through a…
UK: Thousands of students have data leaked on dark web by Vice Society
Kevin O’Sullivan and Michael Powell report on attacks by the ransomware team known as Vice Society on U.K. schools. Student data was disclosed on Vice’s dedicated leak site after their victims refused to pay ransom demands. The Daily Mail report includes Vice’s attacks on five schools and a sixth-form college, including Pilton Community College, The…