Joel Khalili reports: A gaping security hole has been discovered in the NHS vaccination booking website, which can be easily exploited to find out whether someone has received a jab. The problem relates to the way the website treats different users, depending on how far along they are in the vaccination process. Read more on…
Category: Non-U.S.
NSW readies its own data breach notification scheme for state agencies
Asha Barbaschow reports: The New South Wales government is preparing a new Bill that will require public sector and state-owned entities to report a data breach to the Privacy Commissioner as well as any affected individuals. The Privacy and Personal Information Protection Amendment Bill 2021 aims to strengthen privacy protection in NSW and extends the federal breach…
Ca: Brreach possibly affects 100s of Yukon gov’t workers: Department of Finance.
Julien Gignac reports: Roughly 400 Yukon government employees may have been affected by a recent privacy breach, according to a spokesperson at the Department of Finance. […] According to a government-issued notice obtained by CBC, a problem occurred during the processing of T4 and T4A slips that may have caused information such as Social Insurance…
Ro: Cluj County Council’s website was hacked by hackers. They are asking for $100 in bitcoins
Digi24 reports that the Cluj County Council was hacked and the threat actors demand $100 USD in BTC if the council doesn’t want the files dumped. The following is a translation of the defacement: All files have been encrypted and a backup copy of the site has been saved. If you do not want the…
Fr: Ransomware attack on environmental center resulted in data loss
La Nouvelle Republique reports that the Permanent Center for Environmental Initiatives of Gâtine (CPIE) experienced a cyberattack on April 18 that resulted in irretrievable data loss. “We had a cryptographic virus that got into our computer server. When we opened the system, all our files had the same name. And if we wanted to decrypt…
Privacy Updates from China: Proliferation of Sector-Specific Rules As Key Legislation Remains Pending – Part 2: Data Protection in the Financial Sector
Yan Luo, Zhijing Yu, and Vicky Liu of Covington & Burling write: In Part 1 of this blog series (see here), we discussed recent data protection developments in China’s e-commerce sector. In this post, we discuss recently issued rules aimed at improving data governance in China’s financial sector that could also have data protection implications. These…