Kat Hall reports: A major data security breach at the Chartered Institute for Securities and Investment has caused the release of 40,000 members’ details to a fraudster. On Friday (May 29) the professional body for finance and investment folk held an emergency meeting concerning the release of every member’s name, email address and membership level….
Locker ransomware author dumps database of private keys, apologizes
Wow. Seen on Pastebin last night: Hi, I am the author of the Locker ransomware and I’m very sorry about that has happened. It was never my intention to release this. I uploaded the database to mega.co.nz containing “bitcoin address, public key, private key” as CSV. This is a dump of the complete database and…
French Data Protection Authority Reveals 2015 Inspection Program
Hunton & Williams writes: On May 25, 2015, the French Data Protection Authority (“CNIL”) released its long-awaited annual inspection program for 2015. Under French data protection law, the CNIL may conduct four types of inspections: (1) on-site inspections (i.e., the CNIL may visit a company’s facilities and access anything that stores personal data); (2) document reviews (i.e.,…
Data breach liability: confidentiality vs. privacy
Glynna Christian and Nikki Mondschein of Kaye Scholer LLP provide food for thought for businesses and covered entities when reviewing contracts with IT service providers: IT service providers, particularly cloud service providers, increasingly are resisting unlimited liability for breaches of privacy and data security obligations in their customer agreements. Instead, they offer unlimited liability for breaches of…
NJ: Hackers Steal $240K From Mahwah Businessman’s Bank Account
Sean Adams reports: In Mahwah, hackers set their sights on a local businessman and obtained enough of his personal information to convince his bank to wire $240,000 overseas. Police Chief James Batelli said they even hijacked the man’s phone number, so when the bank called to verify “That is call forwarded to Brussels and the person…
UK: Former The Gas Superstore employee sentenced for revenge hacking
Here we go again: another disgruntled former employee with IT skills wrecks havoc on their former employer. The Leicester Mercury reports that The Gas Superstore lost £41,000 and had to stop trading for three days because of Andrew Kenneth Plumb’s actions. Reporter Suzy Gibson notes: He cancelled customers’ deliveries and uploaded pictures of Coronation Street characters,…