The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Mr Stephen Kai-yi WONG, expressed serious concern over the Cathay Pacific Airways data breach incident, noting that the incident might involve a vast amount of personal data (such as name, date of birth, passport number, Hong Kong Identity Card number, credit card number, etc) of…
Category: Non-U.S.
EE: Personal and sensitive information of children publicly available for years
As I was just saying in the post about the Girl Scouts breach, children’s medical information can be breached in so many ways outside of the healthcare sector. And that’s true outside the U.S. as well. Priit Pärnapuu provides a concerning, but timely, example from Estonia: Schools’ information system EKIS allowed anyone to read and…
TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
FireEye writes: In a previous blog post we detailed the TRITON intrusion that impacted industrial control systems (ICS) at a critical infrastructure facility. We now track this activity set as TEMP.Veles. In this blog post we provide additional information linking TEMP.Veles and their activity surrounding the TRITON intrusion to a Russian government-owned research institute. FireEye…
Cathay Pacific flags data breach affecting 9.4 million passengers
Reuters reports: Cathay Pacific Airways said on Wednesday (Oct 24) that data of about 9.4 million passengers of Cathay and its unit Hong Kong Dragon Airlines had been accessed without authorisation. Cathay said 860,000 passport numbers, about 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no…
Federation of Sovereign Indigenous Nations pays hacker $20K in bitcoin after massive data breach, sources say
Jason Warick reports: The Federation of Sovereign Indigenous Nations recently paid more than $20,000 to an anonymous hacker who breached its computer system, CBC News has learned. The revelation surfaces as hundreds of delegates gather in Saskatoon on Wednesday and Thursday to elect a new FSIN chief and two vice-chiefs. Read more on CBC.
NZ: IRD privacy breach raises data handling concerns
Nine to Noon reports: Inland Revenue’s data protection protocols are being questioned after a woman received information about a stranger’s child support in a copy-and-paste error. The Wellington woman got a letter from Inland Revenue addressed to her that included the full name of a father who was paying child support, and his child. She…