Mark Wyciślik-Wilson reports: Hungarian airline Wizz Air has emailed millions of customers informing them that their passwords have been reset. While the company is at pains to stress that it has not been the victim of hacking, nor is any personal information at risk, the email took many customers by surprise and raised concerns about…
Category: Non-U.S.
Hackers breach FSB contractor, expose Tor deanonymization project and more
Catalin Cimpanu reports: Hackers have breached SyTech, a contractor for FSB, Russia’s national intelligence service, from where they stole information about internal projects the company was working on behalf of the agency — including one for deanonymizing Tor traffic. The breach took place last weekend, on July 13, when a group of hackers going by…
Personal data of users on 1111 job bank leaked on overseas forum
Liu Chien-pang and Ko Lin report: Taiwan job bank 1111 confirmed Friday that the personal data of its online members was hacked and leaked to a foreign-based hacker forum, and the case is now being investigated by local authorities. Henry Ho (何啟聖), vice president of 1111 job bank, said the scope of the personal data…
UK: Estate agency fined £80,000 after accidentally exposing personal info online for two years
The Information Commissioner’s Office issued the following press release involving a monetary penalty related to an unintended exposure incident and a misconfiguration. Imagine if every such leak here resulted in the FTC or a state attorney general fining the entity….. The Information Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610…
Independent Age data breach merits no regulator action
Stephen White reports: Confidential data of employees at older people’s charity, Independent Age, have been accidentally exposed to a former worker. The blunder occurred as the company responded to the ex-staff member’s submission of a DSAR (data subject access request). Independent Age says that the security breach compromised personal data, including bank information, sort codes, account…
UK: Former motor industry worker ordered to pay £25,500 from proceeds of data theft
A motor industry employee who was sentenced to six months in prison in November 2018 for accessing personal data without permission, has been ordered to pay a £25,500 confiscation order in a case brought by the Information Commissioner’s Office (ICO). Following a hearing at Wood Green Crown Court, London on 15 July, the judge determined…