Jessica Haworth has more details on a breach previously reported on this site. More than a million South African citizens have potentially had their personal data exposed after a ransomware attack at a debt recovery services firm. The company in question, Debt-IN Consultants, confirmed this week (September 22) that it had been the victim of a cyber-attack which resulted in a…
Category: Non-U.S.
UK: Second MOD data breach uncovered putting safety of Afghan interpreters at risk
Lizzy Buchan reports that there was a second email gaffe that exposed additional Afghan interpreters. Once again, it seems, email addresses were visible to all addressees instead of being in the blind-copied fields. Some 55 people’s details were revealed, according to the BBC. The disastrous blunder comes after Defence Secretary Ben Wallace was forced to…
NZ: Reserve Bank hit with compliance notice from Privacy Commissioner over data breach
Chris Keall reports: The Reserve Bank has suffered the ignominy of being the first organisation to be hit by a compliance notice under the new Privacy Act, which came into force in December last year. Privacy Commissioner John Edwards says an independent review carried out by KPMG after a December 2020 cyber attack “revealed multiple…
EU chief announces cybersecurity law for connected devices
Luca Bertuzzi reports: European Commission President Ursula von der Leyen announced on Wednesday (15 September) a Cyber Resilience Act aimed at setting common cybersecurity standards for connected devices. […] The Commission initiative adds to an existing proposal for a Directive on Security of Network and Information Systems, commonly known as the NIS2 Directive. NIS2 expands…
African Bank warns of data breach with personal details compromised
BusinessTech reports: African Bank has confirmed that one of its appointed professional debt recovery partners, Debt-IN, was targeted by cybercriminals in April 2021. At the time, expert security advice concluded that there was no evidence that the ransomware attack had resulted in a data breach – however, Debt-IN is now aware that the personal data…
In: Teen helps IRCTC fix bug that could expose passenger’s private information
DNA reports: A 17-year-old student in a private school in Chennai’s Tambaram has helped the Indian Railway Catering and Tourism Corporation (IRCTC) fix a bug in its online ticketing platform, which could have exposed millions of passengers and their private information. Ranganathan said that the critical Insecure Object Direct References (IODR) vulnerability on the website…