Category: Non-U.S.

AU: Researcher finds ACY Securities leaking 60 GB of User Data

Posted on by Dissent

ACY Securities describes itself as one of Australia’s fastest growing multi-asset online CFD trading providers. But as first reported by HackRead, the trading firm was leaking 60 GB of user data until independent researcher Anurag Sen persisted in trying to alert them to a misconfigured elasticsearch database. As seen by Hackread, the data included personally…

Read more

Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.

Posted on by chum1ng0

The education sector has always been a relatively easy target for cybercriminals. One group in particular —  Pysa —  earned a reputation for its ransomware attacks on schools. Despite analyses and alerts in March, 2021 by threat intel firms and the U.S. government indicating that Pysa was a major threat to the education sector in…

Read more

Thailand’s Personal Data Protection Act Enters into Force

Posted on by Dissent

Hunton Andrews Kurth writes: On June 1, 2022, Thailand’s Personal Data Protection Act (“PDPA”) entered into force after three years of delays. The PDPA, originally enacted in May 2019, provides for a one-year grace period, with the main operative provisions of the law originally set to come into force in 2020. Due to the COVID-19 pandemic,…

Read more

Icare sends private details of 193,000 workers to wrong employers

Posted on by Dissent

Lucy Cormack reports: The personal details of almost 200,000 injured workers were mistakenly shared with 587 employers and insurance brokers in a major privacy data breach by embattled state insurer icare last month. A senior source with direct knowledge of the breach said the details of 193,000 employees were contained in spreadsheets that were mistakenly…

Read more