How many times have I blogged about “Don’t Shoot the Messenger” — the inappropriate response of some entities when notified that they have a leak or data breach? Here’s a current example, as noted by Graham Cluley. It all started routinely enough: Platform engineer and open source enthusiast Rob Dyke says that he’s found himself…
CIPL Submits Response to the EDPB Guidelines on Examples Regarding Data Breach Notification
Hunton Andrews Kurth writes: On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation. The EDPB’s Guidelines are intended to provide concrete personal…
Walmart: Notice of Data Security Incident
On February 16, 2021, Walmart was informed by one of its suppliers that a data hosting service they used was compromised on January 20, 2021. An unauthorized party accessed the service and stole records from that service provider. Some of those records included information about a confined number of Walmart pharmacy patients. Walmart’s information systems…
JP: Unauthorized access occurred in Urban Research; personal information of about 310,000 people leaked
Translation: Urban Research has announced that the official in the online store by the unauthorized access by a third party, personal information of 317,326 persons of all member there is a fear that has flowed out. The leaked information does not include credit card numbers, and no secondary damage such as unauthorized use has been…
UK: Solicitor caught dumping client files in the street
The SRA has fined a solicitor for dumping rubbish bags containing client information outside his office. Trevor Nicholas Senkatuka was the sole practitioner of the now-defunct firm, Windsor Croft Solicitors, in Essex. The local council fined him for fly-tipping on the pavement outside his office. Council workers took photographs of the bags which revealed that they contained private client information. “The public would…
Cyberattack hits NJ employee portal containing sensitive data
Dustin Racioppi reports: Hackers targeted the accounts of about 200 state employees in a cyberattack on a government portal that holds sensitive personal and financial data such as Social Security numbers, birthdays and pension information, according to state and union officials. The late-January attack was disclosed to employees and their accounts were “immediately disabled,” a spokeswoman for…