Zack Whittaker reports: Slack will reset the passwords of users it believes are affected by a historical data breach that affected the company more than four years ago. In 2015, the company said it was hit by hackers who gained access to its user profile database, including their scrambled passwords. But the hackers inserted code…
UK: Estate agency fined £80,000 after accidentally exposing personal info online for two years
The Information Commissioner’s Office issued the following press release involving a monetary penalty related to an unintended exposure incident and a misconfiguration. Imagine if every such leak here resulted in the FTC or a state attorney general fining the entity….. The Information Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610…
Tourism ministry’s servers breached
Matthew Moxey reports from Nassau, Bahamas: The Ministry of Tourism is the latest government entity to fall victim to a security breach, according to Minister of Tourism Dionisio D’Aguilar, who told Eyewitness News Online that his ministry’s information systems were infected with a virus Tuesday. The virus impacted a host of digital files. Read more on…
Independent Age data breach merits no regulator action
Stephen White reports: Confidential data of employees at older people’s charity, Independent Age, have been accidentally exposed to a former worker. The blunder occurred as the company responded to the ex-staff member’s submission of a DSAR (data subject access request). Independent Age says that the security breach compromised personal data, including bank information, sort codes, account…
Security increased at Baltimore city buildings after fired IT employee gains access to sensitive areas
Kevin Rector reports: Security is being increased at Baltimore’s municipal buildings after a former employee, fired for having alleged hacking tools on his city computer, managed to gain “unfettered access” to sensitive areas at the Abel Wolman Municipal Building downtown, according to a report by the city’s inspector general and multiple sources familiar with the…
Data Breaches and Educational Institutions
Marjorie Spivak, Taylor Ey, and Liz LeVan Riley of Womble Bond Dickinson (US) LLP write: Consider these five steps during your summer break to address the protection of confidential information and combat cybersecurity risks before the start of fall semester. 1. Information Assessment: Identify what data your institution holds, how it is used, how is…