A follow-up to a breach reported back in April involving Godalming College e-mailing sensitive medical details on 300 students to an entire year group: the college has now signed an undertaking with the ICO to improve its data protection practices. The undertaking provides a bit more detail on how the breach occurred: The Information Commissioner…
Restaurant Depot/Jetro Cash & Carry Customers’ Credit Cards Hacked (update2)
Gawker.com is not one of my usual sources for news on data breaches, but they managed to uncover a breach that we would not have known about had it not appeared on a firearms discussion forum (yes, really): If you used a credit card between the dates of Sept. 21 and Nov. 18th at national…
Millions of online poker players’ data leaked on the Internet
Online gambling sites have had a few mega breaches over the past few years. Now Ultimate Bet Poker (Blanca Games) has joined the unhappy ranks. No one seems to know how or who or when, but a lot of data on 3.5 million players has reportedly been available on the web since November 20. According…
Proposed EC regulations require breach notification within 24 hours
The leaked draft of European Commission regulations contains provisions that would require breach notification to the supervisory authority (Article 28) AND to the individuals affected (Article 29) within 24 hours after establishment of a breach. Wow. Article 28 Notification of a personal data breach to the supervisory authority 1. In the case of a personal…
CO: Judge lets identity-stealing nurse off with probation
As a follow-up to a breach reported previously on this blog…. Monte Whaley reports: A 31-year-old nurse police say stole the identities of hospital patients in Adams County was sentenced today to six years' probation despite a request for prison time. Cannon Tubb in June was charged with multiple counts of identity theft and theft…
MySQL.com hacked by D35M0ND142
D35M0ND142 has been busy and has pretty much left the admin team of the MySQL.com website pretty embarrassed for not securing its own databases properly. The attack sorta proves that all areas of IT administration need to re-think security, re-do and re-check everything to make sure that all aspects are actually up to date and properly secure….