The Journal reports: The Garda Computer Crime Unit has been drafted in to probe how 5,000 people’s personal information collected by Cork City Council had been illegally accessed by a hacker. Detectives in that garda unit are investigating the breach which saw thousands of people who used a parking app potentially having their data stolen….
Category: Non-U.S.
Heathrow Airport Limited fined £120,000 for serious failings in its data protection practices
From the Information Commissioner’s Office, this monetary penalty notice in response to a breach previously noted on this site: Heathrow Airport Limited (HAL) has been fined £120,000 by the Information Commissioner’s Office (ICO) for failing to ensure that the personal data held on its network was properly secured. On 16 October 2017 a member of…
North Korea’s APT38 hacking group behind bank heists of over $100 million
Catalin Cimpanu reports: According to a new report published today by US cyber-security firm FireEye, there’s a clear and visible distinction between North Korea’s hacking units –with two groups specialized in political cyber-espionage, and a third focused only in cyber-heists at banks and financial institutions. For the past four years, ever since the Sony hack…
Website flaw exposed a Canadian ISP’s entire customer database
Zack Whittaker reports: Canadian internet provider Altima Telecom has fixed a flaw in its website that could have given an attacker full access to its customer database. The customer database was connected to the company’s website, but could be remotely accessed with a blind SQL injection attack. Daley Borda, founder of Underdog Security, found the…
Tesco Bank fined £16.4m after hackers siphoned £2.26m from customers in 2016
John McCarthy reports: The Financial Conduct Authority (FCA) has fined Tesco Bank for “failing to exercise due skill, care and diligence in protecting” its current account holders. The ruling comes almost two years after the company was hit with a cyber attack that saw money stolen from an estimated 20,000 customers. Tesco Bank has been…
App flaw let anyone access UK Conservative politicians’ data
Jon Fingas reports: The UK Conservative party is learning a hard lesson about the importance of basic security measures in mobile apps. Users have discovered that you could log into the party’s conference app using only an attendee’s email address, providing access to all kinds of sensitive data. And when many of the conference participants are…