Richard Chirgwin reports: Retail coupon operator Catch-of-the-Day has escaped penalty over sitting on a data breach for three years. The 2011 data breach was notified to the Office of the Australian Information Commissioner (OAIC) in 2014. Catch of the Day put the delay down to deciding that the hashed passwords in the compromised systems “might” be…
Category: Non-U.S.
Bengal: Confidential data theft; 1 arrested
The cyber cell of Bidhannagar city police today arrested a youth on charges of stealing and selling confidential details of the clients of an IT company to various cyber crime rackets, causing losses amounting to Rs 2.5 crore, police said. Police arrested Arijit Debnath from Salt Lake Sector-V and seized a pen drive and a mobile phone which were used to steal and keep customer details of the IT…
UK: ‘Outrage’ in Mansfield and Ashfield after personal records of hundreds of residents found dumped in bin
Joe Malone reports: Residents across Mansfield and Ashfield have been left ‘outraged’ after hearing that their private documents were found dumped in a recycle bin on Wednesday. The documents belong to a quick cash loan company called Morsesclub, who merged together with Shopacheck Financial Services Limited in March. Among the documents found in Sutton, were…
Japan’s pension system hacked, 1.25 million cases of personal data leaked
William Mallard of Reuters reports another breach due to successful phishing of employees: Japan’s pension system has been hacked and more than a million cases of personal data leaked, authorities said on Monday, in an embarrassment that revived memories of a scandal that helped topple Prime Minister Shinzo Abe in his first term in office. Japan…
UK: Phished IT bod opens door to 40,000 finance folks’ personal details
Kat Hall reports: A major data security breach at the Chartered Institute for Securities and Investment has caused the release of 40,000 members’ details to a fraudster. On Friday (May 29) the professional body for finance and investment folk held an emergency meeting concerning the release of every member’s name, email address and membership level….
French Data Protection Authority Reveals 2015 Inspection Program
Hunton & Williams writes: On May 25, 2015, the French Data Protection Authority (“CNIL”) released its long-awaited annual inspection program for 2015. Under French data protection law, the CNIL may conduct four types of inspections: (1) on-site inspections (i.e., the CNIL may visit a company’s facilities and access anything that stores personal data); (2) document reviews (i.e.,…