Everywhere you go, documents are left on public transportation by employees, it seems: Tokyo Electric Power Co. said Friday that one of its employees has lost documents that include the personal information of 22 individuals who have applied for compensation related to the triple-meltdown crisis at its Fukushima No. 1 nuclear plant, adding that this…
Did Auckland District Health Board overreact to privacy breach?
In the U.S., we expect entities to take strong and effective action to address employee snooping or improper sharing of patient confidential information. But a professional group in New Zealand is not happy with the Auckland District Health Board’s response to a breach previously reported on this blog involving a patient who sought emergency treatment…
Rothamsted Research Data Leak Insight and Analyst
At the start of June a hacker using the handle Nairb had dumped a leak of information from Rothamsted Research. Back then at the time OpMonsanto was in full swing with global protests around the world which were aimed right at the research company’s like Rothamsted Research conduct. The leak of information was dumped as an compressed…
GSA responds to FOI request
On March 17, I noted that the General Services Administration (GSA) had disclosed a vulnerability in the System for Award Management (SAM), which could allow some existing users in the system to view certain registration information of other users. The data contained identifying information including names, taxpayer identification numbers (TINs), marketing partner information numbers and bank…
1-800-Data Breach
Raj J. Patel reports: Despite the increase in cyberattacks, the Securities and Exchange Commission (SEC) has yet to publish guidelines as to when a corporation should publicly disclose the data loss, system disruption, or other damages caused by a cyber incident — even where the incident caused financial losses. Some companies have included standard warnings…
Privacy Commissioner details ‘web leakage’ research, but declines to name sites found in violation
Matthew Braga reports: The Office of Canada’s Privacy Commissioner has declined to name 11 Canadian websites found to be leaking personal information to third parties without the knowledge of users, but revealed in a blog post that privacy practices had improved after being notified of the government’s concerns. A study found that user names, email…