Rob Stock reports: “Employee browsing” is a term for when bank staff access customers’ private information for their own uses. And Privacy Commissioner John Edwards says banks aren’t doing enough to prevent it. Following the publication on Monday of a review of bank conduct by the Financial Markets Authority and Reserve Bank of New Zealand, Edwards said banks must…
Category: Non-U.S.
UK: Police probe into data breach at Crosshouse after staff accessed patient records
Paul Fisher reports: Police have launched an investigation after a number of patients have had their personal details accessed by a member of staff at Crosshouse Hospital. Those affected, believed to be mainly women, were notified that information, including their phone numbers and addresses, had been accessed and that the member of staff who breached their privacy…
AU: Police officer who leaked woman’s details claims self-incrimination at tribunal
This is one of those N=1 (small) breaches with serious consequences. Kristian Silva reports: A Queensland police officer has refused to answer questions at a tribunal, in fear of incriminating himself, about how a woman’s address was leaked to her allegedly violent ex-husband. The woman, who cannot be named for legal reasons, is taking legal…
South Korea: Four ‘Young’ Hackers Booked in Cryptojacking Case Targeting Over 6,000 PCs
Marie Huillet reports: Four “young” hackers have been arrested in a cryptojacking case involving over 6,000 computers in what is allegedly South Korea’s “first” known case of its kind, Korean English-language news outlet Aju Daily reports Nov. 8. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s…
Names of recreational cannabis buyers hacked
Antonella Artuso reports: The privacy of 4,500 Ontario Cannabis Store customers was breached through what the online retailer says was a weakness in Canada Post’s tracking website, the Toronto Sun has learned. The information obtained was the buyer’s name or initials, postal code, date of cannabis delivery, the Canada Post tracking number and OCS’ corporate…
Data of nearly 700,000 Amex India customers exposed via unsecured MongoDB server
Catalin Cimpanu reports: The personal details of nearly 700,000 American Express (Amex) India customers have been accidentally left exposed online via an unsecured MongoDB server. The leaky server, which was left exposed online without a password, was discovered three weeks ago by Bob Diachenko, Director of Cyber Risk Research at cyber-security firm Hacken. Most of…