It’s these “small breaches” that are often the most worrisome, as I’ve said ad nauseum for a decade. Here’s a case where an agency screws up, and their incident response is appalling – and dare I say, negligent. Yahoo7 reports: A violent father barred from seeing his children has been handed their new address in a…
Category: Non-U.S.
Ukrainian Hacker Hacks Polish Telecom Giant Netia; Leaks Massive Data
Waqas writes: A Ukrainian hacker going by the handle of Pravy Sektor has breached the servers of Poland’s telecom company Netia SA and stole a massive trove of data a couple of days ago and posted it for public access on an underground forum. Netia SA has acknowledged that netia.pl faced a cyber attack from the hackers but…
Island Health reports another privacy breach
Cindy E. Harnett reports: Island Health has uncovered another privacy breach, on the heels of its largest breach of medical records ever. A Victoria-based employee has viewed the medical records of 34 individuals, all from Vancouver island, who received services from Island Health. This is the fourth privacy breach in two years, and brings the…
Caldicott’s health security reform fails to address basic cyber hygiene
Richard Olver writes: The NHS treats more than 1 million people every 36 hours. These patients are often at their most vulnerable physically and emotionally, but so too are their digital selves. The health sector accounts for the most data security incidents in the UK — more than 40% of all UK incidents in Q4 2015 — and…
Insurance broker fined $1K for not following MPI privacy rules
Vera-Lynn Kubinec reports: A privacy breach involving customers’ auto insurance files has netted a Winnipeg insurance broker a $1,000 fine. Manitoba Public Insurance determined that last fall broker Basil Galarnyk accessed customer information 42 times without performing any transactions and with “no discernible reason” for accessing the files, a discipline panel has found. As a result, MPI…
European Parliament Adopts Directive on Security of Network and Information Systems
Hunton & Williams writes: On July 6, 2016, the European Parliament adopted the Directive on Security of Network and Information Systems (the “NIS Directive”), which will come into force in August 2016. EU Member States will have 21 months to transpose the NIS Directive into their national laws. The NIS Directive is part of the…