An investigation by the Information Commissioner’s Office (ICO) has ruled that a council in Berkshire breached the Data Protection Act after sensitive social services records relating to the care of a young child were lost. The information had been requested by a family member who made a subject access request for their information to Wokingham…
TrueCrypt audit: Probe’s nearly all the way in … no backdoor hit yet
John Leyden reports: The first phase of crowd-funded audit of TrueCrypt has turned up several vulnerabilities, but nothing particularly amiss and certainly nothing that looks like a backdoor. iSEC Partners, which was contracted to carry out the audit by the Open Crypto Audit Project (OCAP), found 11 vulnerabilities in the full disk and file encryption…
UK: Cosmetic surgery files hacked: Details of 500,000 people stolen and used in blackmail attempt
Tania Steere reports: One of Britain’s best-known and biggest providers of private cosmetic surgery has been targeted by computer hackers, it was revealed last night. Confidential personal details of nearly 500,000 people who made an enquiry about surgery via Harley Medical Group’s website were stolen in an apparent bid to blackmail the company. Patients interested…
Curious Cop Downloaded Hundreds of Private Prescription Records Because He Could
Nathan Freed Wessler of the ACLU writes: Today, the ACLU and ACLU of Utah filed an amicus brief in support of a Utah paramedic whose Fourth Amendment rights were violated when police swept up his confidential prescription records in a dragnet search. Law enforcement’s disregard for basic legal protections in the case is shocking. The United Fire…
MN: Two years’ probation for former DNR employee in data breach
This really unacceptable, and for the prosecutor to suggest that the sentence was fair because there was no public safety risk totally minimizes the importance of citizens feeling a measure of confidence that state employees are not snooping in their files. Chao Xiong reports: A former state employee who pleaded guilty to breaching thousands of…
LaCie Acknowledges Year-Long Data Breach
Jeff Goldman reports: LaCie USA recently began notifying an undisclosed number of customers that their personal information may have been exposed when an unauthorized person used malware to access transaction data from LaCie’s Web site. The FBI notified the company of the intrusion on March 19, 2014. “We have hired a leading forensic investigation firm, who…