Security Breaches

VeriSign Inc, the company in charge of delivering people safely to more than half the world’s websites, has been hacked repeatedly by outsiders who stole undisclosed information from the leading Internet infrastructure company. The previously unreported breaches occurred in 2010 at the Reston, Virginia-based company, which is ultimately responsible for the integrity of Web addresses ending in .com, .net and .gov. VeriSign said its executives “do not believe these attacks breached the servers that support our Domain Name System network,” [...]

Scotland Yard has admitted to inadvertently sharing the email addresses of a number of victims of crime with other victims. In total 1,136 emails were sent out on Monday, the Metropolitan Police said. No other personal details were revealed and police are contacting everyone affected to explain what happened and to apologise, Scotland Yard confirmed. The Met said the vast majority of the people who had been affected were victims of “lower end crime”. The maximum fine that can be [...]

The Information Commissioner’s Office (ICO) has fined Midlothian council £140,000 for disclosing sensitive personal data about children and their carers to the wrong people on five separate occasions. The commissioner said that the five breaches, which took place between January and June 2011, were all serious. One of them happened when papers about the status of a foster carer were sent to seven healthcare professionals, none of whom had any reason to see the information. It took place in January [...]

The websites of Israel’s national airline, El Al, and the Tel Aviv stock exchange have been disrupted just hours after they were reportedly threatened by a Saudi computer hacker. Flights and trading on the stock exchange have not been affected. There has been a series of hacking attacks affecting Israeli businesses in the past two weeks. The most serious saw details of tens of thousands of Israeli credit cards posted online. A message was posted on the home page for [...]

Online shoe and apparel outlet Zappos.com has apologised over a massive data breach that exposed the personal details of millions. Up to 24 million customers of the Amazon subsidiary may have been affected by the breach, which exposed names, email addresses, addresses, phone numbers, and password hashes. Zappos stressed that credit card data was not exposed. Hackers may have been able to lift the last four digits of credit card numbers but nothing beyond this, according to the e-tailer. Accounts [...]

The Information Commissioner is proposing to issue its heaviest ever fine for a breach of UK data protection laws. It proposes fining a health body after patient records were stolen from a hospital and sold on eBay. Brighton and Sussex University Hospitals NHS Trust told Out-Law.com that hard drives containing patient data had been sold on the auction website by a contractor it employed to destroy them. A spokesperson for the Information Commissioner’s Office (ICO) said the watchdog had proposed [...]

A Saudi Arabian hacking group claims it has leaked information on up to 400,000 Israelis, including names, addresses and credit card details. The data dump follows a reported attack on Israeli websites and has already led to fraudulent use of the sensitive info. Credit card biz Isracard said it had issued 6,600 of the 14,000 cards revealed. However Dov Kotler, chief exec of Isracard, a unit of Bank Hapoalim, said that much of the data is either “incorrect or invalid”, [...]

Credit card firm Visa is investigating reports of a security breach at a European payment processor, with cardholders in eastern Europe potentially affected. In a statement, a spokesperson for Visa Europe said that the company is working to protect its customers. “Visa Europe has been informed of a potential data security breach at a European processor and an investigation is underway. “We are working closely with our member banks to ensure cardholders are protected,” the spokesperson said. At the same [...]

More than two months after the discovery of an organized malware campaign targeting dozens of companies in the defense and chemical industries, the espionage hack attack shows no signs of letting up. According to a blog post published on Monday, the same group that targeted at least 38 companies between July and September is continuing its assault with emails that attempt to trick recipients at sensitive companies into installing backdoor trojans on their employer-issued computers. In the latest iteration, the [...]

News release: 28 November 2011 The Information Commissioner’s Office (ICO) has served monetary penalties to North Somerset Council and Worcestershire County Council after staff at both authorities sent highly sensitive personal information to the wrong recipients. The news comes as the Information Commissioner is pressing for stronger powers to audit data protection compliance across local government and the NHS. The ICO has served a monetary penalty of £80,000 to Worcestershire County Council for an incident in March 2011 where a [...]