Jack Clark reports: The European Space Agency has confirmed that a hacker entered its FTP servers and took sensitive data, including hundreds of passwords. The data breach exposed more than 200 usernames, passwords and email addresses, as well as server logs, the agency said on Tuesday. A Romanian hacker named ‘TinKode’ has claimed responsibility for…
Verizon-USSS 2011 data breach investigations report released – what do they know that we don’t?
The annual report based on breaches investigated by Verizon and the U.S. Secret Service is out. On first reading of the report and the available media coverage, the big headline seems to be that while the number of records or data lost is down significantly, the number of breaches is significantly up – and more…
OH: COTC students’ personal information left unsecured
Jessie Balmert reports: An error sent more that 600 Central Ohio Technical College students’ personal information to storage at Apple Tree Auction Center, where they were left unsecured for less than 24 hours. On March 10, the Student Records Management Office was moving to another location in the same building when an enclosed file cabinet…
UK: Norwich college dumps students’ files in skip
Ben Woods reports: Piles of documents revealing student names, photographs, addresses, telephone numbers, dates of birth, and some files exposing sensitive medical information, were found in bin bags at City College. An investigation by the Information Commissioner’s Office (ICO) found the college on Ipswich Road had adequate procedures and policies for dealing with personal information,…
University College London Hospital patient data found on unencrypted drive
The University College London Hospitals NHS Foundation Trust (UCLH) has signed an undertaking with the Information Commissioner’s Office after an unencrypted flash drive with patients’ sensitive personal information was discovered in a training room. Robert Naylor, Chief Executive of University College London Hospitals NHS Foundation Trust (UCLH) indicated that the ICO was notified by Brighton and Sussex…
UK: Borough of Poole agrees to strengthen data protection following a series of misdirected faxes
The Borough of Poole has signed an undertaking with the Information Commissioner’s Office as a result of faxing errors. According to the undertaking, signed by John McBride, Chief Executive of the Borough of Poole, faxes containing personal data had been sent to the same incorrect fax number on three separate occasions in 2010. On the first…