Gareth Corfield reports: Southern Water – British supplier of the liquid of life – botched its internal Sharepoint implementation so badly that a customer was able to view other people’s account details. Reg reader Chris H discovered that the way Southern Water had set up Sharepoint to host customer information as a “your account” style section…
Category: Non-U.S.
‘Human error’ results in privacy breach for Children’s Disability Services clients: Manitoba government
Charles Lefebvre reports: The Manitoba government says ‘human error’ resulted in personal information about Children’s Disability Services (CDS) clients being unintentionally shared this week. On Friday, the province said in a news release that the privacy breach occurred on Aug. 26, when staff from CDS “accidentally sent an email intended for the Manitoba Advocate for…
Over 54,000 scanned NSW driver’s licences found in open cloud storage
Juha Saarinen reports: Tens of thousands of scanned NSW driver’s licenses and completed tolling notice statutory declarations were left exposed on an open Amazon Web Services storage instance, but Transport for NSW doesn’t know how the sensitive personal data ended up in the cloud. The open AWS S3 bucket was found by Bob Diachenko of…
New Zealand stock exchange disrupted by fourth ‘offshore’ cyber attack
Reuters reports: The New Zealand government has activated national security systems after the nation’s stock exchange was disrupted by cyber attacks for a fourth day. There was no clarity on who was behind the “offshore” attacks, but the failure to stop them has raised questions about New Zealand’s security systems, experts said. Read more on The Guardian.
Ca: North Okanagan pediatric clinic hacked
Jennifer Smith reports: Patients of a North Okanagan facility are being alerted of a privacy breach. The North Okanagan Pediatric Clinic was subject to a remote hacking attempt in late May 2020. “While patient medical charts and records, which are maintained in paper form only, were unaffected, historical patient profile information could theoretically have been…
15-year-old Merseyside boy arrested for hacking UK PayPal accounts
TEISS reports: Merseyside Police have arrested, and subsequently released under investigation, a fifteen-year-old boy under the suspicion of hacking into a number of PayPal accounts in the UK earlier this year. Aside from arresting and releasing the fifteen-year-old boy under investigation, Merseyside Police’s Cyber Dependent Crime Unit, along with the Matrix, carried out a search…