Non-U.S. | Office of Inadequate Security

CERT probing security breach at IT firms

Breach Incidents, Financial Sector, Non-U.S. No Responses »

May 132013

ElectraCard Services was one of two payment processors in India named in conjunction with that massive $45M cyberheist. The other one is reportedly EnStage, Inc. Read more on ManoramaOnline.com.

Indian card processor in $45 million heist is ElectraCard Services – Reuter sources

Breach Incidents, Financial Sector, Hack, ID Theft, Non-U.S. No Responses »

May 112013

Dinesh Nair and Jessica Dye of Reuters report that one of the card processors whose security was breached in a $45 million global cyber heist was India’s ElectraCard Services. No one has confirmed that officially, however, as the sources spoke on condition of anonymity. You can read the Reuter’s exclusive coverage here.

AU: Grave security breach of confidential police information puts informants at risk

Breach Incidents, Government Sector, Insider, Non-U.S. No Responses »

May 062013

Anthony Dowsley reports:

The lives of informers and police officers have been put at risk over the “gravest” of leaks from inside the force.

Police raids across Melbourne three weeks ago discovered volumes of confidential and sensitive police files dating back three years.

So far, a junior police officer from the northern metro region has been suspended without pay after sensitive police documents were found at three addresses.

Chief Commissioner Ken Lay today described the breach as “damaging and horrible”.

One of the locations raided had direct links to an outlaw motorcycle gang, and some of the files involved organised crime.

Those most at risk are believed to be criminals who have co-operated with police.

AU: Supplementary Policy on Data Breach Notification Legislation Submitted by APF

Breach Laws, Legislation, Non-U.S. No Responses »

May 052013

The Australian Privacy Foundation has submitted additional comments on proposed data breach notification regulations in Australia. You can read their supplement here. Not surprisingly, I remain in substantive agreement with their recommendations.

Belgian Privacy Commission refers data breach case to Public Prosecutor

Breach Incidents, Exposure, Government Sector, Non-U.S. No Responses »

May 022013

On April 29, 2013, the Belgian Privacy Commission announced that it referred a data breach case involving The National Belgian Railway Company to the Brussels Public Prosecutor. The data breach, which occurred in December 2012, resulted in the 1.46 million sets of customer data being made publicly available online. The Privacy Commission investigated the case and concluded that there had been a violation of the Belgian Data Protection Act, but since the Privacy Commission does not have the authority to impose sanctions for the violation, it referred the case to the prosecutor’s office to initiate criminal proceedings. The Privacy Commission commented that this is the first time that it has referred a data breach case to the Public Prosecutor.

Read more on Hunton & Williams Privacy and Information Security Law Blog.

I don’t remember ever seeing any reference to this breach before, but so far, my Google skills have failed me in finding media coverage. If anyone has a link to articles that provide more details about the breach, please use the Comments section below to point me to them.

Update: Biometric information of 14 lakh Aadhar applicants goes missing

Government Sector, Non-U.S., Other No Responses »

May 012013

So it seems it may not be 300,000 biometric national ID records lost, but 1.4 million….

Older Entries Newer Entries