Out-Law.com reports: Businesses should not need to notify consumers that their personal data has been lost or stolen if the data has been encrypted, EU ministers have said. Ministers in the Justice and Home Affairs Committee of the EU’s Council of Ministers backed the plans as part of a wider partial agreement reached last week on…
Benesse leak accused admits copying customer data, but says he did not know it was wrong
Kyodo News reports: A systems engineer on Tuesday admitted copying information about millions of customers from the computer servers of education service provider Benesse Corp., but he told a court he did not know the data was confidential. Masaomi Matsuzaki, 39, was appearing at the Tachikawa Branch of the Tokyo District Court, in the first…
Oregon Employment Department breach update
There’s an update to the Oregon Employment Department breach noted previously on this site. Fox12 in Oregon reports: The Oregon Employment Department will be offering identity theft protection to jobseekers who may have been compromised by a security vulnerability. After reviewing 1.9 million records for people who have registered with the WorkSource Oregon Management Information…
CA: Sausalito Yacht Club notifies members of breach
Well, this is tacky, at best. It appears some members of the Sausalito Yacht Club gained access to the membership roster. From the notification letter of October 4: We are writing to you because of an incident at the Sausalito Yacht Club on or about October 1, 2014,wherein several members gained unauthorized access to our…
PHI accidentally exposed during webinar for healthcare providers
Here’s one we probably won’t see on HHS’s breach tool. Xerox State Healthcare has notified the New Hampshire Attorney General’s Office that during a training session they conducted with the New Hampshire Department of Health & Human Services on August 14, they accidentally exposed protected health information on five New Hampshire residents for 7 seconds via projection and webinar. The…
NZ: Council breached worker's privacy
Peter de Graaf reports: The Northland Regional Council breached the Privacy Act when staff accessed text messages sent by the victim of a brutal bleach attack, the Privacy Commissioner has found. Former council employee Mike Nager was driving to Whangarei in June last year to give evidence in court against two Far North men accused…