The Information Commissioner’s Office has fined the Bloomsbury Patient Network (BPN) after it inadvertently revealed the identities of HIV patients on two occasions due to placing all addresses for a newsletter distribution list in the “to” field instead of the “bcc” field. BPN was fined £250, which may seem somewhat mild considering the potential embarrassment to individuals….
Category: Non-U.S.
UK: Maidstone Borough Council refers parking permit data breach to Information Commissioner’s Office
Joshua Coupe reports: Maidstone council has apologised after it emerged hundreds of residents’ personal details could potentially be viewed online. More than 870 people are thought to be affected by the error reported when a new car parking permit application site went live on their website earlier this month. Concerns were raised when eagle-eyed users…
AU: Over 30,000 Optus customers’ debt data exposed on job freelancer site
Josh Taylor reports: The personal data of 31,150 mostly former Optus customers was posted on short-term job website Freelancer.com in major breach of their privacy, Crikey can reveal. Earlier this week, Crikey reported that an employee of the telecommunications company’s debt collector ARC Mercantile had posted a spreadsheet of data of customers who owed a…
UAE: Extortion demand refused by InvestBank, hacker goes on data dump rampage
Mazhar Farooqui reports an update to a hack and data dump involving InvestBank customers: The cyber criminal who hacked into a Sharjah bank last month has gone on the rampage. After the bank refused to give into his blackmail and pay $3 million in ransom money, the criminal Hacker Buba has posted the confidential details…
JP: Data on Sakai’s 680,000 voters in 2011 election leaked online
Kyodo News reports: The municipal government of Sakai in Osaka Prefecture said Monday personal information on all the around 680,000 voters in the 2011 Osaka gubernatorial election had been leaked on the Internet, as an employee had handled the data inappropriately. The city fired the 59-year-old male employee, who had access to data such as…
UK: Arrest made in VTech hack
There’s been an arrest in connection with the VTech hack that made headlines for involving 6.4 million children’s profiles. Much of the early disclosure about the hack was due to the hacker reaching out to Motherboard to tell them what he had done and what he had obtained. Thankfully, he seemed more interesting in exposing the infosecurity problem than…