[repost] The German Data Protection Authorities of Berlin and North Rhine-Westphalia have issued a paper containing Frequently Asked Questions about the German statutory data breach notification requirement that went into effect on September 1, 2009. The paper provides detailed information on key questions concerning the procedure for notification as required by Section 42a of the…
SelfCatering.ie hack revealed in report on Ireland’s Data Protection Commissioner [repost]
[repost] One of the case studies in the 2010 annual report of the Data Protection Commissioner discussed a breach that I had not seen before: Case study 14: Hacking attack on SelfCatering.ie website A bank made a data security breach notification to my Office in 2009 in relation to the credit cards of 1200 customers…
Honda Data Breach Triggers Lawsuit [repost]
[repost] Mathew J. Schwartz reports: … As with the Sony breach, lawyers for Honda customers filed a class action lawsuit on behalf of affected customers, seeking 200 million Canadian dollars ($206 million). The claim says that the breach exposed customers to “theft of their identity, theft from their bank accounts, and theft from their debit…
(update) Texas office responsible for dumpster breach identified [repost]
[repost] As an update to a dumpster breach reported previously, KTSM in Texas reports that the office responsible for the breach was Tax Matters. Of note, Lindsey Reiser reports that at least one former client of the business was upset that they still had his records: “We had broken our relationship several years ago,” the…
South Africa: DMASA “do not call” database ‘leaked’ [repost]
[repost] Nicola Mawson reports: Around 39 000 South Africans who signed up on the Direct Marketing Association of SA’s (DMASA’s) “do not contact” database are at risk of identity theft, because the list has been leaked to companies that aren’t DMA members. The database contains sensitive information such as contact details, addresses and identity numbers….
In: Two laptops containing UID data stolen from Hadapsar school [repost]
[repost] Unidentified persons broke into a school hall in Hadapsar and decamped with two laptops, two web cameras and a pen drive in the early hours of Saturday. Investigations have revealed that the laptops contained the data of around 150 persons collected as part of the Central government’s Aadhaar (UID) project. A complaint has been…