There’s a follow-up to a breach noted previously on this site. Clifford Lo reports: A 30-year-old Hong Kong man was arrested in connection with cyberattacks in which the computers of two travel agencies in the city were hacked and their clients’ sensitive personal information held for ransom, with payouts in bitcoin sought last week. As…
Category: Non-U.S.
Ca: 2,551 people affected by Guelph privacy breach
CTV reports: Personal information belonging to thousands of people was accidentally shared with a lawyer involved in legal action against the City of Guelph. The issue first came to light last February, when city officials said “files not relevant to the litigation that had been delayed, but not permanently erased” had been on a file…
UK: Record fines for company, senior staff and private investigators involved in illegal trade in personal information
A firm of loss adjusters has been fined £50,000 for unlawfully disclosing personal data which had been obtained illegally by senior employees and rogue private investigators. A director and a senior member of staff at Kent-based Woodgate and Clark Ltd have also been sentenced to record financial penalties, along with the private investigators involved. The…
Former Island Health nurse suspended over privacy breach
Jason Proctor reports: B.C.’s college of registered nurses has handed a 30-day suspension to a nurse who accessed the private medical records of 74 Vancouver Island Health Authority patients without permission. The health authority fired Jennifer Goodman after the breach came to light. Although the incidents occurred during 2013 and 2014, the nurse’s college only…
Creditseva hacked, personal and sensitive data accessed
CyberWarNews.info has the exclusive on this one: Creditseva has been in the headlines before for the wrong reasons after security researcher Chris Vickery discovered that they had failed to secure a s3 instance which left tens of thousands personal details exposed. Moving on months later and it has come to my attention that Creditseva has now…
PH: NPC wants private, public sectors to submit data security incident reports
Roy Stephen C. Canivel reports: The National Privacy Commission (NPC) wants companies and government agencies to submit a report on security incidents that have affected the personal data of their consumers, even if these incidents were unsuccessful. In a statement, the NPC said it is requiring “personal information controllers” (PICs) in both the public and…