March 26, 2025 – Gatineau, Quebec Privacy Commissioner of Canada Philippe Dufresne has launched a new online tool that will help businesses and federal institutions that experience a privacy breach to assess whether the breach is likely to create a real risk of significant harm to individuals. The privacy breach risk self-assessment tool is a convenient web-based application…
Category: Non-U.S.
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion
The Personal Information Protection Commission (PIPC) held its seventh plenary meeting of 2025 and reached a decision to sanction Woori Card Co., Ltd. (Woori Card) for data breaches on March 26, 2025. Administrative sanctions by the PIPC are as follows: A penalty for violations (Gwajingguem) of KRW 13.45 billion; A publication order of sanction results…
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior
Connor Jones reports the latest update on the ransomware attack affecting Advanced Computer Software: The UK’s data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary’s security failings led to a ransomware attack affecting NHS care. This is nearly half the fine the Information Commissioner’s Office provisionally floated…
Malaysia’s Anwar says ‘no way’ to US$10 million ransom demand to end airport cyberattack
Joseph Sipalan reports: Malaysia’s Prime Minister Anwar Ibrahim said on Tuesday that hackers demanded a US$10 million ransom for a cyberattack that paralysed some operations at Kuala Lumpur International Airport (KLIA) over the weekend, raising concerns about the airport’s cybersecurity and potential risks to travellers’ safety. Anwar confirmed that Malaysia Airports Holdings Berhad (MAHB), which operates the…
Hong Kong passes its first cybersecurity bill covering critical infrastructure
Lo Hoi-ying reports: Hong Kong’s legislature has approved the city’s first bill targeted at cybersecurity for computer systems needed for critical infrastructure, with operators facing fines of up to HK$5 million (US$643,000) for failing to keep them up to date. The Legislative Council on Wednesday passed the Protection of Critical Infrastructure (Computer System) Bill amid…
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’
Jayant Chakravarti reports: The Australian financial regulator has filed a lawsuit against FIIG Securities, accusing the leading investment and financing company of lacking adequate cybersecurity controls to stop a threat actor from stealing confidential personal information of 18,000 customers. The Australian Securities and Investments Commission said it decided to sue Brisbane-headquartered FIIG Securities in Federal Court after…