Josh Taylor reports: The Australian Communications and Media Authority (ACMA) has issued Telstra a direction to comply with the privacy clause in the Telecommunications Consumer Protection (TCP) code, following a 2011 privacy breach that left the details of 734,000 broadband customers vulnerable. In December last year, Telstra inadvertently exposed customer information online after one of…
Category: Of Note
Sensitive social service files found on TV set that was former Enfield Council building
John Dunne reports: An urgent investigation has been launched after dozens of confidential social services files were found at an abandoned town hall in London. The documents, including highly sensitive reports on parents turned down for adoption and the case notes on the Victoria Climbié case, were left on shelves and tables on public view…
RiteAid mobile app left customer prescription history vulnerable – customer
Cross-posted PHIprivacy.net: When Michael Ramirez recently used RiteAid’s mobile app to check on a prescription, he never expected to be able to access other customers’ names, addresses, and prescription records. But he was able to, and now Ramirez, a computer scientist working for the Navy’s Space and Naval Warfare Systems Command in Charleston, is going…
IEEE leaks 100,000 members’ usernames and plain-text passwords (update3)
Seen on Slashdot, Radu Dragusin writes: IEEE suffered a data breach which I discovered on September 18. For a few days I was uncertain what to do with the information and the data. Yesterday I let them know, and they fixed (at least partially) the problem. The usernames and passwords kept in plaintext were publicly…
The Apple UDIDs were stolen from us – BlueToad
Kerry Sanders and Bob Sullivan report that Florida publishing firm BlueToad has stated that the database of Apple UDID’s stolen by AntiSec came from its servers. According to Sullivan: Blue Toad is a little-known privately held company, but its technology touches millions of users around the world. It provides private-label digital edition and app-building services…
Emobile, Meteor plead guilty to data legislation breaches
RTÉ reports: Two telecoms companies have pleaded guilty to multiple breaches of data protection legislation at the Dublin District Court and have been ordered to pay a total of €30,000 to two charities. The charges follow the theft of two unencrypted laptops, containing personal and financial information of customers, from the office of Eircom Ltd…