Category: Non-U.S.

AU: Privacy breach costs $23,000 – but could have been worse

Posted on by Dissent

Alison Baker and Rhiannon Nixon of Hall & Wilcox write: The Office of the Australian Information Commissioner (OAIC) has ordered Comcare to pay a Defence Force employee $23,000 after it inadvertently published on its website personal information, including sensitive health information, about the employee. For organisations with obligations under the Privacy Act 1988 (Cth), this…

Read more

UK: Privacy breach at Gloucestershire County Council exposed medical information online

Posted on by Dissent

When hacktivist @ElSurveillance recently tweeted that 14 government sites had the same vulnerabilities,  including MYSQL, Cross Site Script, etc., someone responded that councils were generally not considered “government.” DataBreaches.net had – and will continue to – consider them “government” entities, as local government is still government. And in this site’s experience, council breaches can involve sensitive information,…

Read more

UK: Two plead guilty to 2015 TalkTalk data breach

Posted on by Dissent

Shaun Nichols reports the latest on the 2015 TalkTalk hack: Two chaps in the UK have admitted stealing more than 150,000 customer records from TalkTalk. Matthew Hanley, 22, and Connor Douglass Allsopp, 20, both from Tamworth, copped to charges in connection to the 2015 attack on the broadband ISP’s systems and subsequent attempts to sell people’s…

Read more

Ca: William Osler Health System says staff member inappropriately used patient info

Posted on by Dissent

Codi Wilson reports: William Osler Health System says an internal investigation has been launched after an employee allegedly accessed patient records to obtain narcotics. In a statement issued Tuesday, William Osler Health System said that earlier this week, it notified patients about the data breach. According to the statement, a staff member allegedly used patient…

Read more