Victoria Shupryt reports: The New Mexico Public Regulation Commission is investigating after a foreign country hacked its network internet and intranet system, according to officials. A spokesperson for the FBI says the agency is also involved. Read more on KOAT.
UK: Former social worker prosecuted for unlawful data disclosures
From the Information Commissioner’s Office: A former social worker has been prosecuted for passing the personal information of service users to a third party provider for Local Authority young person placements. Leo Kirk unlawfully disclosed referrals for residential or foster placements of vulnerable young people aged 16-18 years old. The referrals contained sensitive personal data…
AU: P&N Bank discloses data breach, customer account information, balances exposed
Charlie Osborne reports: P&N Bank is informing customers of a data breach in which personally identifiable information (PII) and sensitive account information was exposed. On Wednesday, a security researcher going under the Twitter handle @vrNicknack pinged Troy Hunt, the operator of the Have I Been Pwned? search engine, with a notice he had received from the bank. Read more…
IE: Hospital staff to be investigated over alleged ‘derogatory’ online posts
Paul Cullen reports: University Hospital Limerick says it plans to investigate staff over the alleged leaking of confidential patient information as well as “derogatory” Facebook posts. Staff have been told they may face disciplinary action for remarks on social media “made in the name of the HSE” which are offensive or derogatory. Read more on Irish Times.
FTC Summarizes 2019 Changes to Data Security Orders
Caleb Skeath and Danielle Kehl of Covington & Burling write: In a recent blog post, the Federal Trade Commission highlighted three key changes it made in 2019 in its approach to issuing orders in data security enforcement matters. As stated by Andrew Smith, the Director of the FTC’s Bureau of Consumer Protection, in the blog post, the…
“Real People,” real data leak: Production company leak exposed personal data of Dove ‘real people’ ad participants
Lucy Ingham reports: A data breach at UK-based Fresh Film Productions, which makes adverts for high-profile companies including Unilever, has exposed sensitive personal data of participants in antiperspirant brand Dove’s ‘real people’ campaign. The company inadvertently exposed the data, which included bank details and passport scans, by leaving a company server hosted online on an…