The Russian Federation is considering amending the country’s data protection law, according to BNA’s Privacy Law Watch. Businesses have long complained that the law contains restrictions on data processing that are extremely difficult to meet. For example, the law requires affirmative written consent for most types of data processing. In the online context, this provision…
CA: Credit card numbers stolen in the East Bay
A handful of East Bay Wells Fargo customers had their credit cards canceled after their card numbers were stolen. The bank says the card holders were victims of what’s called “a point of sale compromise.” That means thieves acquired card numbers at a store or ATM — not by hacking into a computer system. Customers…
Aldaco’s issues credit card breach alert
Aldaco’s has posted a notice on its web site, as noticed and first reported by MySanAntonio.com: Dear Customers, Our business has been another senseless victim of breach of data. Authorities have investigated and have clearly determined that the breach was not the result of any wrong doings by an in-house employee or management. We have…
NC: Prompt Med Fined for Improper Disposal of Records
Following up on a breach previously covered here and here, the North Carolina Attorney General’s Office released this statement yesterday: A Greensboro urgent care center has paid $50,000 because its patients’ financial and medical information were illegally disposed of in a dumpster, Attorney General Roy Cooper announced Friday. “When you share your personal information with…
NC: Prompt Med Fined for Improper Disposal of Records
Following up on a breach previously covered here and here, the North Carolina Attorney General’s Office released this statement yesterday: A Greensboro urgent care center has paid $50,000 because its patients’ financial and medical information were illegally disposed of in a dumpster, Attorney General Roy Cooper announced Friday. “When you share your personal information with…
Ie: ‘Reckless’ data breaches should be prosecuted
Steven Carroll reports: Data protection controllers should face sanctions for deliberate or reckless breaches of information protection law, a Government appointed review group has concluded. The obligations of controllers to report security breaches should be set out in a statutory code of practice, which would outline when disclosure of data breaches is mandatory, and failure…