October 27, 2011
MPs have demanded custodial sentences for breaches of the Data Protection Act, stating that the existing policy of fining offenders is an inadequate deterrent. In a Justice Select Committee report, committee chairman Sir Alan Beith MP argues that such breaches are serious offences, and small financial penalties are an ineffective deterrent. “Using deception to obtain personal information, or selling it on without permission are serious offences that can cause great harm. “Fines are used to punish breaches of data protection [...]
This year has been something of an annus horribilis for EMC-owned security vendor RSA. In March, the firm hit the headlines after suffering a customer data hack. Since then, RSA has had to weather an onslaught of flak from rival vendors, the media and even some disgruntled partners. The fallout from the attack was not all bad news though, as RSA was quick to buy out network monitoring vendor NetWitness, the firm whose technology helped it detect and combat the [...]
October 26, 2011
Sensitive data belonging to 480 lawmakers and their staff may have been exposed for more than a month, after computers in Japan’s Parliament were infected by malware, it was widely reported on Tuesday. The data-stealing trojan compromised computers used by three members of the Lower House, and possibly a server, The New York Times said. It gained a foothold after a lawmaker opened a file attached to an email at the end of July, Japan’s Asahi Shimbun newspaper reported. The [...]
October 25, 2011
Companies in the US now have an obligation to publicly disclose details of data breaches they suffer, and there are increasing signs that the UK will have to implement similar rules under proposed changes to the EU Data Protection Directive. The US Securities Exchange Commission (SEC) recently issued a document clarifying a company’s obligations with regard to data breaches. The document stated that firms must disclose known or potential security incidents “if these issues are among the most significant factors [...]
The UK government is more trusted than banks, social networks and the NHS when it comes to keeping data safe. A survey of 2,000 consumers by LogRhythm found that 25 per cent consider the government to be trustworthy when it comes to keeping records safe, as opposed to banks (ten per cent), social networks (19 per cent) and the NHS (eight per cent). However, 81 per cent felt that organisations need to try harder when it comes [...]
After a brief respite from exposing the personal information of its targets, the Anonymous hacking collective on Friday posted documents that appear to contain the personal information of police officers in Massachusetts and Alabama. The group said it leaked the stolen data, which included the names, addresses, ranks, phone numbers and Social Security numbers for 1,000 officers in Birmingham, Ala., as part of the National Day of Protest to Stop Police Brutality. The Twitter account “@anon260” was issuing the tweets containing [...]
October 24, 2011
Between 8:58 and 10:20 BST this morning we sent an email to 3,521 of you that contained the names and email addresses of 46,524 of our readers. Obviously, this was an error. The two-stage send process that is the norm for all of our mailers was overlooked because someone was in a hurry. We would like to offer our genuine and humble apologies for the error. Read the rest of the article here. Keen to discuss how you avoid this happening [...]
October 21, 2011
The president of the Cloud Security Alliance (CSA) told delegates at IPExpo yesterday that security should no longer be considered a ‘secure or not’ concept but a more fluid one that relates to compliance and risk management. Des Ward, president of the UK & Ireland Chapter of the CSA, explained that the change is the result of the internet. He said that when upload and download speeds were limited, there was little opportunity for vast amounts of sensitive data to [...]
A new malware attack has infected approximately 180,000 internet pages and is downloading malicious software onto users’ machines without their consent or knowledge. The attack was announced recently by security firm Armorize on its blog. Armorize researcher Wayne Huang said that the problem will affect users with outdated browsing software, highlighting the need to keep software patched up to the latest version. “In a drive-by download attack, visitors who navigate to the infected websites will be installed with malware on [...]
October 19, 2011
A million people have been infected in less than a week after a malware campaign targeted visitors to outdated websites. The attacks exploited vulnerabilities in older versions of Java and Adobe Flash to hijack visitors’ computers; as of last Wednesday, the campaign had infected about 200,000 websites, according to security researchers quoting Google search results. A similar search for evidence of the Javascript attack yielded more than 1.1 million results today. The attacks involve an SQL injection where malicious code [...]