John Leyden reports: Retailer Asda dragged its heels for nearly two years before finally this week tackling a set of security vulnerabilities reported to it by a UK consultant. Asda has acknowledged the flaws – which Paul Moore, who discovered them, argues offer up an account hijack risk – but played down their significance. Moore…
Category: Non-U.S.
UK: String of data protection breaches by Leicester City Council staff revealed
Dan J. Martin reports: Details of a string of breaches of data protection laws by staff at Leicester City Council have been published. Information revealed by the authority outlines a series of errors by employees handling sensitive documents. Among the breaches were a series of letters posted to the wrong addresses, a form containing personal details falling…
Ottawa working on “options regarding next steps” for Canada-wide mandatory privacy breach notification
Canadian Underwriter reports: Before the House of Commons was dissolved last summer to kick off the federal election, the ruling Conservatives passed the Digital Privacy Act, which creates new offences for failing to report data security breaches. However, nation-wide mandatory breach notification would not actually take effect unless the government develops regulations, and it is not…
Ca: Nurse accused of snooping into patient records loses bid for secret hearing
Theresa Boyle reports: A nurse accused of invading patients’ privacy by snooping into their medical records has lost her bid to have her disciplinary hearing held in secret. A disciplinary panel of the College of Nurses of Ontario denied Mandy Edgerton-Reid’s request to exclude the public, including the media, from a hearing into allegations that…
AU: Police accidentally gave victim’s details to alleged attacker
Paul Farrell reports: The Australian federal police accidentally revealed the personal details of an assault victim to the alleged perpetrator, risking the safety of the complainant and his family, according to an AFP risk assessment. The lapse is one of seven serious privacy and security breaches the AFP has suffered since 2012. Details of the breaches, which…
In: Police Detain Engineering Student for OUAT Website Hacking
The New Indian Express reports: The Commissionerate of Police on Monday tracked down a student of a private engineering college for allegedly hacking the official website of Odisha University of Agriculture and Technology (OUAT). The student, a self-confessed ethical hacker, was identified after police traced his internet protocol (IP) address and proceeded to zero in…