The FTC has been active in going after companies that do not provide adequate data security. Today, they announced that Compete, Inc. had settled charges involving unfair or deceptive practices associated with collecting and sharing personal information of users. Of interest here, however, are the charges in the complaint that relate to data security: Compete’s…
ICO: Education ministry BROKE the Data Protection Act
Kelly Fiveash reports from the U.K.: The Department for Education broke the Data Protection Act after it exposed the email addresses, unencrypted passwords and sensitive answers of members of the public who filled in an online form about parental controls on the net, The Register can reveal. However – despite the breach – the Information Commissioner’s Office…
IE: Schools warned over IT risk as pupil accesses confidential files
Katherine Donnelly reports: Second-level schools have been told to step up their computer security after a pupil obtained a username and password that allowed access to confidential files. The problem has arisen over the use of generic usernames and passwords, which schools may make available to substitute teachers. The Department of Education alerted the Joint…
The Southern District of Florida Weighs In On Data Breach Lawsuits
A few months ago, I noted a lawsuit by a former Winn-Dixie employee against Purchasing Power. The complaint in Burrows v. Purchasing Power alleged that Winn-Dixie shared employee data with Purchasing Power to administer its employee benefits program, but also sent them data on employees not enrolled in the program. The complaint also alleged that although…
Statement from Punto.pe about recent breach that effects 90,000 clients details
Following yesterdays large leak of tens of thousands of client details from a peru based (.PE) domain and blog service website the company PUNTO has now released a statement. In the statement they explain that the hackers @LulzSecPeru had not gained access to the clients current access keys and had updated all users passwords as soon…
Billabong hacked, threats of mass data leaks from @GoatseSec
One of the worlds largest surfing based brands has come under the eye of hackers after they gained access to its database via a exploitable wordpress installation. The attack is on billabong and the exact domain and exploit has not been released yet. The attack was announced from the @GoatseSec twitter account stating that over…