Dan Worth reports: All businesses in the UK that store data on customers will soon have to disclose any breaches, as the European Commission looks to widen the scope of recent changes to data protection laws. Speaking at the British Bankers’ Association (BBA) Data Protection and Privacy Conference in London on Monday, European Union justice…
Category: Of Note
Citigroup reveals breach affected over 360,000 cards (updated)
John Ribeiro reports that Citigroup has updated its initial statement about its breach. Their updated statement is likely to fuel debate about time frames for disclosing breaches. It now seems that over 360,083 credit card accounts in North America were accessed by the hacker(s) during the compromise of its card account management website in May….
Owners of hacked computers will be punished, says official
Wow. Look at this news from Turkey: Computer users whose computers are hacked by Anonymous, an international group of hackers that has vowed to attack government websites in protest of an Internet filter system the government plans to introduce in late August, will be held legally accountable for the use of their computers in the…
Judge: Comerica must pay company hit in phishing attack
David Ashenfelter reports on a ruling in a case with potentially huge implications, EMI v. Comerica (past coverage): Comerica bank must reimburse a Sterling Heights sheet metal company $561,000 it lost in an Internet phishing attack, a federal judge has ruled in what may be the first such case nationally to be tried to a…
Southern California Medical-Legal Consultants reveals that 300,000 workers’ compensation applicants’ names and Social Security Numbers were exposed on internet
Remember how Heartland Payment Systems took a lot of heat for announcing their breach at a time that coincided with President Obama’s inauguration? Since then, a lot of entities have been bashed a bit over the timing of their breach disclosures. As someone who tracks breaches, it became almost a given that I would find…
UK: Employees who stole T-Mobile customer data made to pay £73,700 for violating Data Protection Act
Two former employees of UK mobile operator T-Mobile who illegally stole and sold select customer data from the company in 2008 have today been ordered to pay a total of £73,700 in fines and confiscation costs as part of a hearing at Chester Crown Court. David Turley and Darren Hames pleaded guilty to offences under…