Here is the argument for more education and training. Ashley Martin reports: The Regina Public School Division is addressing policy gaps after a teacher uploaded more than 2,000 documents, many containing students’ information, to a public website. Some of the information was online for 15 months before the privacy breach was reported to the Office…
UK Government Consults on EU Cybersecurity Plans
Mark Young and Joseph Jones report: As we summarized last fall, the EU Commission published a new Cybersecurity Communication in September that, among other things, sets out proposals for an EU cybersecurity certification framework as part of an EU “Cybersecurity Act” (see our post here and a more detailed summary here). Just before the holidays, on December 20, 2017, the UK Government…
UIDAI firewalls 5,000 officials post ‘breach’
Surabhi Agarwal reports that the Unique Identification Authority of India (UIDAI) has taken steps to prevent a future breach like the one that caused a media firestorm when a reporter was able to easily purchase access to Aadhaar credentials. UIDAI has now restricted the access of those who were previously able to access information more…
How to Assess a Vendor’s Data Security
Cooper Quintin and Soraya Okuda of EFF collaborated with Jonah Sheridan of Information Ecology to come up with a helpful guide: Perhaps you’re an office manager tasked with setting up a new email system for your nonprofit, or maybe you’re a legal secretary for a small firm and you’ve been asked to choose an app…
Man, 30, held over hacking attacks with ransom demands on two Hong Kong travel agencies
There’s a follow-up to a breach noted previously on this site. Clifford Lo reports: A 30-year-old Hong Kong man was arrested in connection with cyberattacks in which the computers of two travel agencies in the city were hacked and their clients’ sensitive personal information held for ransom, with payouts in bitcoin sought last week. As…
Ca: 2,551 people affected by Guelph privacy breach
CTV reports: Personal information belonging to thousands of people was accidentally shared with a lawyer involved in legal action against the City of Guelph. The issue first came to light last February, when city officials said “files not relevant to the litigation that had been delayed, but not permanently erased” had been on a file…