Jude Karabus reports: Medway council in Kent has corked a hole in its website that spat out residents’ names, mailing addresses, phone numbers and email addresses after a Reg reader got in touch to complain. The breach appeared courtesy of some of Medway Council’s electronic forms. The council’s eforms were conceived during a collaboration of…
Category: Non-U.S.
ICO statement: Intention to fine British Airways £183.39m under GDPR for data breach
In September, 2018, the International Airlines Group (IAG) announced that British Airways was investigating a possible data breach involving its website and mobile application. Soon after, we learned that 380,000 payments had been compromised in a few weeks between August 21, when Magecart malware was injected, and early September. Today, the U.K.’s Information Commissioner’s Office…
Croatian government targeted by mysterious hackers
Catalin Cimpanu reports: A mysterious hacker group has targeted, and most likely infected, Croatian government employees between February and April this year. Attackers, which are suspected to be a state-sponsored unit, have targeted victims using a spear-phishing campaign that mimicked delivery notifications from the Croatian postal or other retail services. Read more on ZDNet.
UK: Eurofins Scientific: Forensic services firm paid ransom after cyber-attack
Danny Shaw reports: The UK’s biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack, BBC News has learned. Eurofins Scientific was infected with a ransomware computer virus a month ago, which led British police to suspend work with the global testing company. Read more…
SG: Spize fined S$20,000 after more than 100 customers’ personal data leaked
Food and beverage outlet operator Spize has been fined S$20,000 after the personal data of about 150 customers was disclosed on its online ordering portal in 2017. In the grounds of decision dated Thursday (Jul 4), which was published on the Personal Data Protection Commission (PDPC) website, the PDPC received a complaint on Aug 12,…
St John Ambulance praised for response to ransomware attack
Warwick Ashford reports: St John Ambulance has reported that it was hit by a ransomware attack this week, but was able to isolate the attack and resolve it within half an hour. Fortunately, the ransomware did not affect operational systems, but blocked access to the charity’s booking system for training courses and encrypted customer data….