Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…
Category: Non-U.S.
UK: ICO takes enforcement action against Anglesey County Council
From the Information Commissioner’s Office: Anglesey County Council has been ordered to improve its data protection practices after it repeatedly failed to address security and privacy issues. Two separate security incidents as far back as 2011 led to the council signing undertakings to make changes and improve practices. But despite committing to the improvements, audit…
Seoul subway server allegedly hacked by North Korea
The Korea Herald reports: The computer server of one of Seoul City’s subway operators was found to have been hacked last year, allegedly by North Korea, though little damage has been confirmed, officials said Monday. According to Saenuri Party Rep. Ha Tae-keung quoting the National Intelligence Service’s report, two servers in charge of managing the…
NZ: Kiwis’ private medical information spilled in email gaffe
Simon Plumb reports: A Ministry of Health email blunder has spilled private medical information of 24,000 Kiwis. Officials are investigating how a spreadsheet of National Health Index (NHI) numbers, containing the birth and death dates of 24,092 people, was emailed to around 950 pharmacists yesterday morning. The email was supposed to be sent internally. Security…
UK: 3,634 patients hit by East Sussex Healthcare Trust data breach
The Hastings & St. Leonards Observer reports that one of the trust’s consultants lost a thumb drive with data on over 3,600 patients. Hospital papers have revealed the confidential details of more than 3,500 patients were discovered on an unencrypted data stick. The incident was discussed at an East Sussex Healthcare Trust board meeting on…
AU: Retailer David Jones reports online breach
The Australian reports: Up-market retailer David Jones says its website has been hacked and private customer data stolen, a day after a similar attack on Kmart’s wesbite. David Jones said today that it recently learned that a third party exploited a vulnerability in its website to extract limited information about some of our customers. The information obtained includes names,…