Industry News



22.10.14 - Draft EU proposals on cyber and data breach notification: where are we now?
As reported in our first edition, there are two proposals making their way through the Brussels legislature which will change the legal landscape for the reporting of cyber attacks. These are the draft Network and Information Security Directive...
22.10.14 - Blanket care.data opt out by GPs does not breach Data Protection Act
GPs who opt all their patients out of the care.data scheme would not be in breach of the Data Protection Act, the Information Commissioner's office has confirmed, as pilot schemes begin the re-introduction of the controversial data collection scheme.
22.10.14 - SIC tightens policy following data breach
A “BLATANT” breach of data protection has resulted in Shetland Islands Council announcing that it will no longer publish individual responses to school closure proposals from members of the public
21.10.14 - ICO warns UK broadcasters over filming using drones
UK broadcasters have been warned that their use of unmanned drones for filming purposes must adhere to data protection laws.
21.10.14 - Staples investigates possible Data Breach and credit card fraud
Retailer Staples is investigating a potential data breach and compromise of customers' credit card details
17.10.14 - Hackers strike defense companies through real-time ad bidding
A major change this year in how online advertisements are sold has been embraced by hackers, who are using advanced ad-targeting capabilities to precisely deliver malware
17.10.14 - Hikvision Enhances Performance of EXIR Network Bullet Cameras
Homes, offices and small-to-medium enterprises are set to benefit from the addition of Hikvision’s advanced EXIR Bullet network cameras to its easy IP solution line-up. The DS-2CD2T series of 2- and 3-Megapixel cameras feature high-performance LED light sources and a revolutionary rectangular lens for seamless HD formatting but now boast Infrared Gain Glass for ultimate light transmittance and unparalleled levels of night-time surveillance.
17.10.14 - Plan for Saudi-Iraq Border Fence Demonstrates Strong Role for Physical Security in Middle East
Covering 560 miles of the country’s northern frontier the fence is the first stage of a border security programme launched amid growing concerns about the risk posed by the self-proclaimed Islamic State (IS) marauding across Iraq and Syria.
17.10.14 - New technique allows attackers to hide stealthy Android malware in images
A new technique that allows attackers to hide encrypted malicious Android applications inside images could be used to evade detection by antivirus products and possibly Google Play’s own malware scanne
17.10.14 - 6 Browser Plug-ins That Protect Your Privacy
It's no stretch to say that ads are what make the Web go 'round. The content you're reading right now? Paid for by ads. Google, Facebook, Pandora, YouTube? Driven by ads. This is not a new concept: TV and radio have relied on commercials since their earliest days. Because, let's face it, something has to pay for all the free programming and services.
17.10.14 - Facebook doubles ad-hacking bounty
Facebook has doubled the cash it will pay out to folks who report holes in its advertising code. The bounty will rise in a bid to entice hackers to report bugs found in its ads code following an internal security audit that squashed an undisclosed number of vulnerabilities.
17.10.14 - Apple patches 144 security flaws across seven products
In addition to OS X 10.10 Yosemite, Apple released a number of other software updates on Thursday, largely for security fixes: Security Update 2014-005 for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5; OS X Server versions 2.2.5, 3.3.2 and 4.0; and iTunes 12.0.1. In total, 144 separate vulnerabilities are addressed in these updates.
17.10.14 - McAfee preaches integration with updated next-generation firewall
This year marks the 25th anniversary of the firewall and McAfee has acknowledged this milestone by upgrading its next-generation firewall (NGFW), adding new levels of integration and connectivity.
17.10.14 - Microsoft releases 8 patches, including anti-Sandworm fix - get yourself covered!
Microsoft released three critical patches last night, including a fix for the flaw being exploited by the sandworm gang. As part of what it now calls Update Tuesday, Microsoft said in an advisory that the three critical-rated and five important patches will address 24 Common Vulnerabilities and Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET and Internet Explorer.
17.10.14 - Anonymous app Whisper denies tracking claims
The editor of Whisper, an app for people to share secrets anonymously, has angrily denied reports that it has been tracking users and sharing data.
16.10.14 - Facebook debuts Safety Check, a disaster incident check-in tool
When disaster strikes, Facebook's new Safety Check tool will enable users to report their well-being to loved ones and will apprise them of connected neighbors whose whereabouts might remain uncertain.
16.10.14 - 17 percent of European APTs now targeting UK entities
The FireEye H1-2014 EMEA Advanced Threat Report claims that malware attacks - especially advanced targeted attacks - have nearly doubled in the first half of 2014. The number of unique infections, says the analysis, has grown steadily in the EMEA area
16.10.14 - AVG’s Wi-Fi Assistant: Wi-Fi hacking and tracking protection
AVG’s well above average security products for PCs, smartphones and tablets has taken a giant leap forward into protecting you against Wi-Fi hacking and tracking by smacking hackers with a software thwacking.
16.10.14 - ICO issues privacy warning over CCTV, wearable devices and drones
Emerging surveillance technology including drones and wearable video cameras - such as that on Google Glass - must only be used by the authorities when necessary and in a proportionate manner, the Information Commissioner's Office (ICO) has warned.
15.10.14 - Information Commissioner Releases New CCTV Code of Practice
The Information Commissioner’s Office (ICO) has issued updated guidance on CCTV video surveillance today. Entitled “In the picture: A data protection code of practice for surveillance cameras and personal information”, the 44-page document sets out “good practice advice for those involved in operating CCTV and other surveillance camera devices
15.10.14 - HTTPA: New tech transforms transparency into privacy
Preserving privacy by keeping information secret isn't working. Consumers give away precious data for online baubles. Data breaches, large and small, spill data all over the Web. Marketers indiscriminiately gather details about the online lives of people in their target markets
14.10.14 - Russians Suspected in Ukraine Hack
Exploiting a flaw in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government, according to the cyberthreat intelligence firm iSight Partners. The breach occurred during September's NATO summit in Wales, where leaders addressed Russia's seizure of Ukrainian territory
10.10.14 - Devices being remotely wiped in police custody
All the data on some of the tablets and phones seized as evidence is being wiped out, remotely, while they are in police custody, the BBC has learned.
10.10.14 - Only 100 cybercrime brains worldwide says Europol boss
There are only "around 100" cybercriminal kingpins behind global cybercrime, according to the head of Europol's Cybercrime Centre.
08.10.14 - Web inventor Sir Tim Berners-Lee sees future of 'trackable' data
Sir Tim Berners-Lee talked up the importance of web neutrality and how 'rich and trackable' data will be essential in solving issues around online privacy.
07.10.14 - Ransomware attack knocks TV station off air
On Monday, The ABC had to suspend programming out of Sydney, Australia and move broadcasting to Melbourne after their network was targeted by Ransomware. The malware prevented normal operations, resulting in ABC News 24 going off air for just over 30 minutes.
06.10.14 - BadUSB - now with Do-It-Yourself instructions
Back in August 2014, we wrote about BadUSB. That was a paper about USB firmware hacking written by a pair of researchers from Germany and presented at the BlackHat 2014 conference.
06.10.14 - GPs could opt all patients out of care.data opt under data protection laws, information office says
GPs could opt all their patients out of care.data if they have not had time or resources available to inform their patients, the Information Commissioner’s Office has said in its strongest statement on the issue so far.
01.10.14 - Brits more likely to change their spouse than their PIN number
19% haven’t changed their PIN for 15 years or longer, while the average marriage that ends in divorce lasts just 11.5 years - See more at: http://www.information-age.com/technology/security/123458511/brits-more-likely-change-their-spouse-their-pin-number?utm_medium=twitter&utm_source=twitterfeed#sthash.2iaylbqr.dpuf
01.10.14 - Trend Micro and INTERPOL team up against cybercrime
Security software and solutions firm Trend Micro has announced a three-year agreement with INTERPOL that will see it provide tools, training and human resources to the international police organisation and its 190 member countries.
29.09.14 - Cyber security peer panel: A duty to inform
The Information Commissioner’s Office has intensified its focus on lawyers with respect to data breaches, and mandatory breach notification is on the way
28.09.14 - Media must protect multiple fronts from cyber attacks
In July, The Wall Street Journal’s Facebook page was hacked with a false report: “#Breaking: U.S. Air Force One crash feared as air traffic control loses contact with pilot over Russian air space.”
28.09.14 - Data Breaches Rise as Cybercriminals Continue to Outwit IT
Security breaches rise again this year, costing an average of $415,000, as security pros fail to keep pace with cybercrime innovation.
26.09.14 - Advent IM gain dual certifications
Today Advent IM announced its successful certification to both Cyber Essentials and IASME
25.09.14 - Angus Council worker faces action over data breach
An Angus Council benefits service worker is at the centre of “remedial” proceedings for accessing a couple’s records with personal interest.
25.09.14 - What is the Shellshock bug? Is it worse than Heartbleed?
Security experts have warned that a serious flaw could be about to affect many of the world’s web users. Here’s what you should do
25.09.14 - IC3 flags scam after branding disgruntled IT staff a 'threat'
The US Internet Crime Complaint Center has revealed that cyber criminals are posing as its employees in order to dupe the public, only a day after announcing that disgruntled IT employees posed a "significant cyber threat" to the US businesses.
24.09.14 - Home Depot Breach Said to Feed Card, Account Frauds, WSJ Reports
Home Depot Inc. (HD)’s data breach, which put about 56 million payment cards at risk, has fed fraudulent transactions that in some cases have drained money from customer bank accounts, the Wall Street Journal reported
24.09.14 - UK special envoy tasked with improving data sharing
The British government has employed Sir Nigel Sheinwald (former senior diplomat and ambassador to the US) as special envoy on intelligence and law enforcement data sharing in the UK. The move was announced in July as part of the government's plans to introduce emergency legislation to preserve data retention and investigation powers (DRIP).
19.09.14 - NATO Steps Up Private Sector Co-operation with New Alliance
The world’s largest military alliance, NATO, has announced plans for a new initiative designed to bolster co-operation with the private sector on cyber security threats.
19.09.14 - eBay takes flak for leaving rigged iPhone listing up for 12 hours
eBay's getting flak for its chilled response to a serious attack.
18.09.14 - ICO fines pass £5m, local councils and NHS worst offenders
The Information Commissioner’s Office (ICO) has issued fines in excess of £5m for data breaches since it was given this power in 2010, with local councils and NHS Trusts being the worst offenders.
18.09.14 - Card and banking fraud back on the rise again
New figures just released by Financial Fraud Action UK (FFA UK) claim to show that card and remote banking fraud increased during the first six months of 2014.
17.09.14 - Cybersecurity plans still lacking in big business, survey reveals
A survey polling 200 lsenior decision makers reveals that many large business still don't “get it” when it comes to cybersecurity. The suvey results, published yesterday by Mishcon de Reya law firm, illustrate that despite the increasing sophistication and frequency of cyberattacks, businesses remain blind-sighted, with nearly a fifth admitting that their employees are not adequately informed about cyberthreats and risks while their organisation as a whole does not have a plan in place to deal with a supply chain security breach.
17.09.14 - eBay redirect attack puts buyers' credentials at risk
EBay has been compromised so that people who clicked on some of its links were automatically diverted to a site designed to steal their credentials.
17.09.14 - Survey reveals widespread mistrust of the cloud
Seven in 10 businesses don’t trust the cloud to obey data protection laws, according to research by Ponemon
16.09.14 - No action over data breach at South Central Ambulance Service
No action is to be taken against South Central Ambulance Service (SCAS) after the personal data of staff was accidentally published online.
16.09.14 - Financial institutions suffering from global cybercrime
Organizations are reticent to reveal the severity of cyber attacks on their systems, thereby injuring their reputations, which makes it difficult to measure how serious the costs have been to businesses.
16.09.14 - UK firms to compete for £4m cyber security fund
Small businesses in the UK's technology industry are set to compete for a share of £4m as part of a new government competition to tackle cyber crime
15.09.14 - Security compliance is necessary for real-time mobile data access
http://www.itproportal.com/2014/09/15/security-compliance-necessary-real-time-mobile-data-access/#ixzz3DlhSDKLW
14.09.14 - JP Morgan the victim of an 8-week long cyber attack
New York - This summer's hackers discovered a way into the servers of mega-bank JP Morgan Chase, exposing the backdoor vulnerability to access copious amounts of customer and company data
13.09.14 - Not pro Bono: Apple's audio junk mail made spammers' lives easier
Without warning, the iPhone maker emitted Songs of Innocence with all the haste of a critical security update after the group's appearance at its Apple Watch and iPhone 6 launch on Tuesday.
12.09.14 - Yahoo 'threatened' by US government with $250,000-a-day fine
Yahoo said the US government threatened to fine it $250,000 a day if the search giant failed to hand over user data
12.09.14 - ICO warns on leaving employees walking off with company info
The Information Commissioner's Office (ICO) has warned staff that walking off with the personal information of their employer when changing jobs is a criminal offence
12.09.14 - Google Responds to Gmail Password Dump
Only a small percentage of the roughly five million password and username combinations recently dumped online would have allowed someone to access Gmail accounts, according to Google.
12.09.14 - US court claims right to British MPs' emails
In a new twist to the US Government's claim that it has the right to access data held on Microsoft servers in Dublin, British MP's emails are now revealled to be among data that could be seized.
11.09.14 - ISIS, Al Qaeda To Launch Cyber Attacks To Set Up Digital Caliphate
Extremist groups in the Middle East are reportedly preparing to launch a massive cyber attack against the United States. According to a Fox News report, leaders of Islamic State of Iraq and Syria and Al Qaeda are stepping up efforts to seek a digital caliphate. One of the jihadist leaders had allegedly hacked the Gmail account of former British Prime Minister Tony Blair.
11.09.14 - Apple Pay is a really cool way to drain your entire bank account
The new iPhone payment technology will make spending money easier than ever. And that’s supposed to be a good thing?
10.09.14 - UK a global target in phishing attacks, new study reveals
0 Ava Fedorov September 10, 2014 UK a global target in phishing attacks, new study reveals Share this article: facebook twitter linkedin google A recent study published by Proofpoint has revealed that unsolicited email destined for recipients based in the UK is over four times more likely to contain a malicious URL than in the United States, Germany or France. The study, which analysed more than one million URLs over the course of three weeks, found that on average, UK-based email recipients are twice as likely to receive malicious URLs than those in the US, and a whopping five times more likely to receive unsolicited emails containing malicious URLs than their counterparts in Germany and France.
09.09.14 - 'Kyle and Stan' malvertising attack infects millions via Amazon and YouTube
A malicious advertising network dubbed 'Kyle and Stan' has dropped malware on possibly millions of users via hundreds of websites including Amazon, YouTube and Yahoo, according to a Cisco investigation.
09.09.14 - Phishing miscreants THWART securo-sleuths with AES-256 crypto
Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites.
09.09.14 - Here are some recent data breaches from Apple Pay’s new partners
With that in mind, here are some of Apple's new Pay partners who have recently been hacked:
08.09.14 - Social media remains an easily exploitable attack surface
Twitter is one of my favorite social platforms. As a journalist, I get news from it, but I also get to interact with my peers and friends. But Twitter, like every other social platform, has an interesting attack surface; one that criminals have been exploiting for years.
08.09.14 - 'Celebgate' hackers plotted more thefts via Android Flappy Bird clone
Researcher finds more attempts to steal private photos, while Symantec spots a botnet campaign to steal Apple account data.
08.09.14 - 'Undetectable' Peter Pan computer virus threatens UK businesses
A sophisticated spam attack has raised the spectre of a new wave of undetectable viruses coming from eastern Europe
05.09.14 - Barclays bank launches biometric authentication
Barclays announced plans to launch biometric readers for customer authentication
05.09.14 - Apple promises to upgrade iCloud security after celebrity nude photos hack
Apple CEO Tim Cook has promised to improve the security of its iCloud service after more than 100 celebrities were hacked, with the attackers publishing nude photos they found on the notorious 4Chan website
04.09.14 - Smartphone users unaware of hacking risks
More than half of mobile users are unaware that hackers can take control of their smartphones, according to research by Kaspersky
04.09.14 - Nato to adopt new cyber defence policy
Nato leaders are expected to accept that there is no distinction between cyber attack and physical attack at the organisation’s 2014 summit in Wales this week.
03.09.14 - eBay glitch blocks access for users on auction site
E-retailing giant eBay's users are reporting difficulty signing in to the site from locations in India, the US, the UK and other parts of Europe
02.9.14 - Home Depot share prices fall after news of data breach
Shares fell 2.5% after the security expert Brain Krebs claimed that hackers had stolen credit and debt cards from the chain.
02.9.14 - Home Depot share prices fall after news of data breach
Shares fell 2.5% after the security expert Brain Krebs claimed that hackers had stolen credit and debt cards from the chain.
01.09.14 - Hi-tech cars are security risk, warn researchers
The most complicated computational device you own is probably not in your pocket, not mining bitcoins in the back room or nestled by the TV helping the kids "frag" their friends in eye-popping video game HD.
31.08.14 - Q&A: Improving cyber security – advice for companies
FW moderates a discussion on improving cyber security between Mike Gillespie at Advent IM, Marcus Klische at BlackBerry, Elliot Lewis at Dell, Ron Raether at Faruki Ireland & Cox, Alex Krutov at Navigation Advisors, and David Prince at Schillings.
29.08.14 - Dairy Queen Latest Retailer To Report Hack
Dairy Queen is known for its hot fries and sweet treats, but it just made cyber history as the latest victim of a hack attack Relevant Products/Services. The fast food chain has revealed that customer Relevant Products/Services data Relevant Products/Services at some of its stores may be at risk.
29.08.14 - 20% Report Child Sex Abuse Downloads at Work
While it may seem horrifying to believe, a full 20% of respondents in a recent survey of UK professionals said that they were aware that someone in their workplace had downloaded child sexual abuse (CSA) material while at work.
28.08.14 - Racing Post pulls up short on IT security
The Information Commissioner’s Office (ICO) is warning businesses that they must be prepared for a targeted attack. The warning comes as the Racing Post signs a commitment to improve its IT security practices after 677,335 accounts were compromised during a data breach in October 2013.
28.08.14 - FBI probes cyber attacks on banks
The FBI is working with the Secret Service to determine the extent of cyber attacks against several US financial institutions.
28.08.14 - Warning: Emails referring to Halix Immigration Solicitors (halixsolicitors.com) and + 44 7042061665
The SRA has received information that an individual has received an email referring them to "Halix Immigration Solicitors" and "Mr Andrew Hutton, Principal Notary".
27.08.14 - Risk of cyber attack on the shipping supply chain increasing, say experts
The threat of cyber attacks on ports, shipping terminals and carriers has increased “significantly” over the past few months, experts have warned.
27.08.14 - DDoS attack downs Twitch on news of Amazon acquisition
Just hours after Amazon announced a $970m deal to acquire Twitch, the live video platform for gamers was taken offline temporarily by a distributed denial of service (DDoS) attack.
27.08.14 - Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws
The whopping 70 per cent of retail and 69 perc ent of financial services apps are vulnerable to data breaches.
26.08.14 - fines Ministry of Justice £180,000 for unencrypted data gaffe at 75 prisons
The Information Commissioner’s Office (ICO) has fined the Ministry of Justice (MoJ) £180,000 after it discovered all 75 prisons in England and Wales had been storing data on hard drives without the encryption capability turned on for more than a year.
26.08.14 - Global regulator says cyber-attack could hurt financial markets
Global market watchdog International Organisation of Securities Commissions (Iosco) has warned that the next major financial shock - or 'black swan event' - could come from a cyber-attack.
26.08.14 - Digital pirates and the growing threat of cyber-attacks to shipping
In a world where young men are willing to pounce on VLCCs using only guts, wooden boats and rusty Kalashnikovs, the threat to shipping and maritime may now also be coming in a much more subtle manner from the computer hacker
26.08.14 - Lincolnshire County Council apologises to 4,000 people over personal data breach
Lincolnshire County Council is apologising after a ‘data breach’ which led to the names and email addresses of more than 4,000 people being sent to some 250 email addresses.
26.08.14 - Phishing campaign lures victims with models' photos
New phishing campaigns are capitalizing on two female models' looks to steal Facebook login information from users
21.08.14 - City of London police to get cybercrime training
With cybercrime responsible for seven out of ten fraud offences, according to data from the National Fraud Intelligence Bureau, the City of London police force is enlisting Russia-based security vendor Kaspersky Lab to bolster its cyber-crime-fighting prowess.
20.08.14 - UPS unit warns of data breach at 51 locations
Aug 20 (Reuters) - UPS Store Inc, a unit of United Parcel Service Inc, warned of a potential data breach at about 51 of its franchised center locations in 24 states across the United States
18.08.14 - UK cyber experts star in BBC 'house of hacking horrors' test
Security experts from Sophos, NCC Group and Nettitude have taken centre stage in an experiment run by the BBC to find out how insecure smart home devices like TVs, fridges and webcams are.
18.08.14 - Data breaches impact customer loyalty
Data breaches have a significant impact on whether a customer will interact with an organisation again, according to new research from SafeNet, a data protection solutions company. The global research, which surveyed over 4,500 people across five countries - US, UK, Germany, Japan, and Australia - found that nearly 65 per cent of respondents would never, or were very unlikely to, do business again with a company that had experienced a data breach where financial data (credit card information, bank account number, or login details) was stolen.
18.08.14 - You have been hacked!
THE theft by a Russian syndicate of 1.2 billion username and password combinations from 420,000 websites around the world means that the personal details of almost half of all users of the internet must now be considered severely compromised. It can be only a matter of time before the victims find nasty surprises in their bank statements and credit-card accounts.
14.08.14 - Half of us are at risk of cyber-attacks ‘because we don’t install anti-virus software on laptops or phones’
Not installing anti-virus and security software on new devices such as laptops and mobiles means that almost half of us are at risk from cyber attacks.
14.08.14 - New report shows extent of data breaches in 2014
Data breaches, especially the large-scale attacks that see millions of customers' data stolen, are becoming more common. They can be incredibly harmful to a company's reputation, as well as potentially costing them vast amounts of money to clean up. As such, it is important to keep up with the latest research on the subject in order to stay prepared
12.08.14 - Internet hiccups today? You're not alone. Here's why
It's not just you. Many Internet providers have been having trouble as they run into long expected (but not adequately prepared for) routing table problems.
12.08.14 - Only one in 100 cloud providers meet latest EU data protection requirements
The vast majority of cloud providers are not yet prepared to meet the requirements of the new EU General Data Protection Regulation that will come into effect next year to replace the EU Data Protection Directive adopted in 1995, research has revealed.
12.08.14 - Hackers Stole 2 Million Customer Records Per Day in Q2 2014
The second quarter of 2014 saw 237 data breaches that exposed more than 175 million customer records worldwide, according to the SafeNet Breach Level Index.
11.08.14 - Def Con: The good, the bad and 'the Feds'
The kids, aged between seven and 10 or so, are sat around in a semi-circle, as if ready to hear a bedtime story.
11.08.14 - Security Think Tank: Minor failings can trigger major data breaches
A good data breach incident response plan looks like one that has never been used. By that I mean it has been created and tested but never had to be called into use because the preparation, education and testing involved in good security has been so effective.
11.08.14 - UK teens to study cyber warfare through GCHQ-backed programme
Cyber Security Challenge UK is partnering with US defence giant Northrop Grumman
11.08.14 - US Air Force cyber security competition comes to UK
A defence contractor has joined with the UK's Cyber Security Challenge to bring a US Air Force cyber competition to this side of the Atlantic.
06.08.14 - US government faces new post-Snowden leaker
The United States Government could be facing a new leak source besides Edward Snowden, after classified documents emerged this week outlining data-collecting activities relating to the nation's central counterterrorism database.
06.08.14 - Russian crime ring reportedly nabbed 1.2 billion online credentials
On the heels of the admittance of just how much the severe cyber attack on Target cost the retailer comes the revelation of what might be the largest swath of stolen Internet credentials ever.
05.08.14 - Target's data breach tab: $110 million
The Minneapolis-based retailer saw net expenses of $110 million from the data breach -- no chump change but "less bad" than it could have been, according to analysts.
04.08.14 - Warning issued over 'Backoff' point-of-sale malware
The US Computer Emergency Response Team (US-CERT) has warned of new and potentially dangerous malware that is believed to have already infected some 600 retail businesses.
01.08.14 - Backbytes: Black Hat to the NSA – 'Your name's not down, you're not coming in'
The man from the US National Security Agency (NSA) always used to get invited to the best parties. He was particularly popular for his clever mind-reading trick - no one could work out how he did it...
01.08.14 - How one judge single-handedly killed trust in the US technology industry
US Judge Loretta Preska ruled Microsoft must hand over data it stores overseas
31.08.14 - Israeli Iron Dome firms 'infiltrated by Chinese hackers'
The BBC has seen evidence that appears to confirm hackers stole several secret military documents from two government-owned Israeli companies that developed the Iron Dome missile defence system.
30.07.14 - Tor warns users it was attacked, but details on deanonymizing efforts sketchy
While the company said users of Tor should "assume they were affected," the developers of the anonymous browsing service do not yet know what "affected" means.
28.07.14 - ICO warns companies over big data initiatives
The Information Commissioner's Office (ICO) has warned organisations that their big data initiatives must operate within the bounds of data protection laws.
24.07.14 - European Central Bank hacked and blackmailed in website attack
The European Central Bank (ECB) has admitted that its website has been hacked, with unencrypted personal contact details stolen, including email and mailing addresses, as well as phone numbers.
23.08.14 - Wall Street Journal computers taken offline after cyber attack
Computers at The Wall Street Journal were taken offline after it was discovered hackers had infiltrated networks at the brand, its publisher Dow Jones & Co has said.
18.07.14 - Computers at The Wall Street Journal were taken offline after it was discovered hackers had infiltrated networks at the brand, its publisher Dow Jones & Co has said.
Britain's small businesses are "woefully under-prepared" to combat cyber attacks, despite an increasingly reliance on the mobile devices that often offer an easy entry point into organisations for cyber criminals.
18.07.14 - LinkedIn users warned of new phishing scam
LinkedIn users have been warned about a new phishing scam designed to persuade them to hand over their login details.
16.07.14 - 96% of Organizations Experienced a Serious Security Incident in the Past Year
Most enterprises lack confidence in their security measures.
15.07.14 - UK constable accused of breaching data protection law to access women’s private info
UK chief constable, Nick Gargan, is under criminal investigation for allegedly breaking data protection legislation to access personal information of younger females whom he’s accused of inappropriately propositioning.
15.07.14 Cyber security fears drive businesses to third-party payment services
High-profile breaches highlight the need for secure credit card processing
15.07.14 - ICYMI: British spies, security researchers & finding value from BYOD
This week's In Case You Missed column looks at Britain's new surveillance laws, the sacking of a security researcher and questions on BYOD management.
10.07.14 - UK leads international partnership to fight financial malware
The UK’s National Crime Agency (NCA) is leading an international collaboration between law enforcement and private sector firms to fight bank theft malware.
09.07.14 - Security Think Tank: Minor failings can trigger major data breaches
A good data breach incident response plan looks like one that has never been used. By that I mean it has been created and tested but never had to be called into use because the preparation, education and testing involved in good security has been so effective.
09.07.14 - Betsi Cadwaladr health board criticised for data breach
Sensitive medical information about patients was sent mistakenly by a health board to another patient, a data protection watchdog has discovered.
08.07.14 - Report: Financial Industry Group Pushes for Cyberwar Council
Fears of a potentially devastating cyberattack worry the financial industry, but the Securities Industry and Financial Markets Association reportedly has a plan to create a public-private council to help tackle the issue. Some former former NSA and Homeland Security heads may help.
07.07.14 - Scots firms urged to step up cyber security measures
Scottish firms are being urged to step up security measures to prevent their cyber supply chain being hacked.
07.07.14 - 'Complacency' to blame for undetected data breaches
A new study from IT governance reveals that a half of IT staff believe that their company may have suffered a data breach without it being detected.
04.07.14 - NSA 'targets' Tor web servers and users
The NSA has been targeting the Tor anonymising system to spy on its users, suggests a report.
04.07.14 - Bletchley Park cyber security centre opens
Bletchley Park, the forerunner to GCHQ and synonymous with the Enigma code breakers of WWII, opened its international cyber-security exhibition earlier this week.
03.07.14 - Euro-cops get crash course in fighting cybercrime
A collection of high-ranking police officers are being trained in how to tackle increasingly advanced cyber threats at a two-week event hosted by Europol.
02.07.14 - Cyber and data protection doesn’t feature highly for UK boards
Cyber security and data protection have been ranked third in a list of boardroom priorities.
01.07.14 - BBC finds ambulance service data breach
The South Central Ambulance Service received a Freedom of Information (FOI) request from BBC Radio Berkshire, which revealed how data was leaked on the religion, sexuality, age and insurance details of close to 3,000 members of staff.
30.06.14 - Bug Found in Android OS, 10 Percent of Users Vulnerable
IBM researchers identified a vulnerability in Android OS version 4.3. The vulnerability lies in the Android KeyStore, which holds cryptographic keys and credentials.
30.06.14 - DDoS attacks are becoming more effective
Disruptive cyber-attacks are becoming more effective at breaching security defenses, causing major disruption and sometimes bringing down organizations for whole working days, according to a new global study from BT
28.06.14 - Information Commissioner's Office Says Google Glass Wearers Will Have to Comply With Usual Rules
Google Glass is now freely-available in the UK, but the Information Commissioner's Office, the independent regulator of data protection and privacy rights, has made it clear that just because it's mounted on your face doesn't mean Glass will be getting any special treatment.
26.06.14 - Attackers fling Stuxnet-style RATs at critical control software in EUROPE
Security researchers have uncovered a series of Trojan-based attacks which have infiltrated several targets by infecting industrial control system software from the makers of SCADA and ICS systems.
26.06.14 - Average chump in 'bank' phone scam is STUNG for £10,000 - study
UK consumers have lost more than £21m to "social engineering" scams where fraudsters impersonated bank employees and tech support since the beginning of the year, according to GetSafeOnline.
13.06.14 - AT&T breach allowed customer data to be used to unlock smartphones
IDG News Service - Personal information, including Social Security numbers and call records, was accessed for an unknown number of AT&T Mobility customers by people outside of the company, AT&T has confirmed
13.06.14 - Risk & Sec Management Theatre (Day 2 Mike Gillespie -Advent IM)
Aimed at corporate end users, the Risk & Security Management Theatre allows you to earn CPD points while learning more about the key issues that you face every day
12.06.14 - Cyber crime a top fraud concern for UK business
Cyber crime is a top fraud concern for UK businesses, according to the latest EY Global Fraud Survey.
12.06.14 - Data Breach Survey: Consumers Hold Retailers Responsible, Second Only to Criminals
Majority believe that retailers should be financially responsible for fraudulent charges. One third of consumers stopped shopping at certain retailers, based on data breach concerns
12.06.14 - Information Risk Gaps Costing Firms Dear, Warns Iron Mountain
Most businesses are aware of data breach risks but don’t know how to address them, new study reveals.
12.06.14 -Online Extortion Rears its Head Prior to World Cup
An advanced cyperattack was prevented at an online gambling website recently.
10.06.14 - McAfee: £300bn annual global cost of cyber crime
Cyber crime is a growth industry worth between £220bn and £340bn every year – more than the national income of most countries in the world.
04.05.14 - Thousands of Personal Details Exposed in Latest UK Data Breach Blunders
South Central Ambulance Service and Basingstoke council under investigation by ICO after accidental leaks.
04.06.14 - Cryptolocker: Police take further action on ransomware that hit 50,000 in UK
New control servers have been identified and shut down in the last two days, but no arrests yet
04.06.14 - Life sentences for serious cyberattacks are proposed in Queen's speech
y cyberattackers who cause 'loss of life, serious injury or damage to national security' could face full sentence
02.06.14 - Basingstoke council apology over benefits data breach
A council leaked personal details of housing benefit claimants, including their dates of birth and national insurance details, in response to a Freedom of Information (FOI) request.
02.06.14 - Middle East hackers target Europe and US
High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. http://www.ft.com/cms/s/0/72e919a2-e98c-11e3-bbc1-00144feabdc0.html#ixzz33URWXovD A group of Middle Eastern hackers has targeted European national governments and a major US financial institution in a recent cyber espionage campaign, according to research by FireEye, the US cyber security company.
02.06.14 - South Central Ambulance Service staff data breach
The personal data of thousands of ambulance service staff has been accidentally published online, it has been revealed.
02.06.14 - 'Two weeks' to block cyber-attack as criminal network seized
People have "two weeks" to protect themselves from a "powerful computer attack", the UK's National Crime Agency (NCA) has warned.
30.05.14 - Criminals selling dumps of stolen Steam passwords for less than £10
Gaming platform Steam is dealing with regular attacks from hackers who are stealing and selling user data, as well as malware attacks and phishing, researchers warn
30.05.14 - ICO slams Council's 'startling' data security policy, threatens court order
The Information Commissioner's Office (ICO) has criticised Wolverhampton Council's "startling" approach to data security.
29.05.14 - PayPal phishing up 73% in Q1
The April 2014 Internet threats trend report from Cyren says there was a 73 percent surge in phishing URLs relating to PayPal, which the cloud security specialist says highlights a cybercriminal shift over to attacks that generate more money.
29.05.14 - Shoe retail chain Office latest victim of security breach
High street shoe retailer Office is the latest victim of a security breach, and has urged its customers to change their passwords for the website.
29.05.14 - UK National Cyber Crime Unit open to business
The UK's National Cyber Crime Unit is open to working with business and other organisations in the private sector, says deputy director Andy Archibald.
29.05.14 - Second eBay security flaw discovered
A security researcher, who last week uncovered a vulnerability in eBay’s website that allowed hackers to steal the personal details of 233 million customers, has discovered a second vulnerability.
27.05.14 - ‘Cybercrime is a vector,’ Says FBI Director
Cybercrime cuts across 'everything the FBI is responsible for'
27.05.14 - Operation takes down crime network affecting European electronic payments
Bulgarian and French judicial and law enforcement authorities, working in close cooperation with the European Cybercrime Centre (EC3) at Europol and Eurojust in The Hague, have smashed another significant Bulgarian organized crime network suspected of a variety of crimes including electronic payment and document fraud, currency counterfeiting and drugs trafficking.
27.05.14 - Avast takes community forum offline after data breach
Prague-based antivirus company Avast said Monday it took its community forum offline after a data breach, but payment information was not compromised.
26.05.14 - Half of Britons 'wary of eBay following data breach'
Almost half of Britons are seemingly less likely to use eBay following the news that the auction service was hit by a massive data breach earlier this year.
23.05.14 - eBay faces investigations over massive data breach
The UK's information commissioner is working with European data authorities with a view to taking action against eBay over its recent data breach.
21.05.14 - As more people around the world gain access to the internet, cybercrime will exacerbate, according to the cybercrime division of Europol
As more people around the world gain access to the internet, cybercrime will exacerbate, according to the cybercrime division of Europol
21.05.14 - Newcastle man arrested in West Midlands Police international cyber-crime operation
WEST MIDLANDS Police have arrested a Newcastle man as part of their international cyber-crime operation.
21/05/14 - ICO LAUNCHES CONSULTATION TO UPDATE THE CCTV CODE OF PRACTICE
Yesterday the Information Commissioner’s Office (ICO) announced that it has launched a consultation to update the CCTV code of practice. The world that we now live in has changed immensely since the code was first published in 2000 and so it is absolutely right that we have a new code that will include guidance on everything from automatic recognition of car number plates to body worn cameras to flying drones.
20.05.14 - Retail easy pickings for hackers, says Verizon
Retailers around the world are making it easy for hackers to access their IT systems and steal lucrative financial data, says Verizon.
16.05.14 - The Cyber Security Challenge COMPETITIONS...we would like to take this opportunity to update you all on the latest intelligence regarding the group calling themselves the Flag Day Associates.
Since our 2014 Masterclass Awards were interrupted by the aforementioned collective and their threatening video, the Challenge and its partners have been working to establish a way forward.
16.05.14 - Manufacturers risking reputation by ignoring cyber security
Many small and medium sized manufacturing businesses could vastly improve their online safety and subsequently their reputation if they made cyber security more of a priority.
14.05.14 - UK organisations failing to meet basic security requirements
Organisations are risking breaches of data by not adhering to standard industry security practices according to a new report by the UK's Information Commissioner's Office (ICO).
13.05.14 - EU backs 'right to be forgotten' in Google court case
A European court has backed the "right to be forgotten" for the first time and has ordered Google to delete "inadequate, irrelevant or no longer relevant" data from search results, if demanded by a member of public.
12.05.14 - Google account passwords stolen in phishing attack
Hackers have been stealing Google account passwords in a new and better crafted phishing attack that is hard to catch with traditional heuristic detection, according to Bitdefender.
12.05.14 - 'Private' electoral roll data sold to junk mail company after software error
Supposedly private electoral roll information is suspected to have been sold to junk mail companies in a series of leaks from local authorities
08.05.14 - Despite recent breaches, many UK retailers and financial firms haven't upgraded their online security strategies
Despite a recent spate of breaches affecting their industries, many UK retailers and financial firms still aren't taking the steps they need to protect their data online, according to a study published Wednesday.
07.05.14 - Council breaks data rules over 50 times in one year
POWYS County Council has been criticised after new figures showed it was involved in over 50 breaches of the Data Protection Act in one year.
07.05.14 - Software glitch discloses Wokingham edited electoral register
Personal details of more than 18,000 Berkshire residents held by a council have been disclosed to marketing companies after a computer error.
07.05.14 - DDoS attacks increasingly used as diversions for data theft or fraud
Nearly a third of UK buinesses report DDoS incidents in 2013
06.05.14 - Data breaches: A new source of worry for CEOs
NEW YORK (AP) — Add hackers to the long list of things that give CEOs insomnia.
05.05.14 - Herefordshire Council still offers "limited assurance" over data protection
HEREFORDSHIRE Council still offers “limited assurance” over data protection despite warnings about its systems last year.
01.05.14 - Analysis of serious and organised crime threats
The National Crime Agency has published the most comprehensive public-facing analysis to date of the serious and organised crime threats affecting the UK.
01.05.14 - InfoSec 2014: 17 Percent Of All Thefts In The UK Threaten Victim Privacy
According to police records, 162,932 items of computing and communications equipment were stolen in the UK in the past year
01.05.14 - Eugene Kaspersky: major cyberterrorist attack is only matter of time
Nations must be ready for a remote attack on critical infrastructure, including power and transport systems, says security expert
30.04.14 EU AND UK PUSH NEW CYBER-SECURITY REGULATIONS
The UK is in a challenging situation. According to recent stats from a BT Business Survey...
27.04.14 - McAfee Report Claims Online Gambling Enables Cybercrime
A research paper published by McAfee claims that cybercriminals are being paid via untraceable payments performed on online gambling sites. According to the whitepaper, “Jackpot! Money Laundering Through Online Gambling”, casino operators are fueling cybercrime by making it easy to pay those involved.
22.04.14 - Cyber attacks move to cloud with increased adoption, report shows
Cyber attacks on cloud environments have almost reached the same level as attacks on traditional IT, with increased adoption of cloud-based services by the enterprise, a study shows.
22.04.14 - UK finance firms to face planned hacking
Finance firms in the UK could be attacked by ethical hackers on behalf of financial services regulators to identify weaknesses in cyber security.
22.04.14 - Data breach discovery takes 'weeks or months'
A new report confirms what's long been feared - businesses take too long to recognise and react to a data breach.
19.04.14 - HMRC 'plans to share tax data with private firms'
Taxpayers' personal data could be shared with private firms under plans drawn up by Revenue & Customs (HMRC).
17.04.14 - Security holes in power grid have federal officials scrambling
In Congress, the vulnerability of the power grid has emerged as among the most pressing domestic security concerns.
15.04.14 - Study: 52 Percent Of Businesses Defenseless Against Cyber-Attacks
According to a recent study, 52 percent of businesses are defenseless against a cyber-attack.
15.04.14 - Harley Group surgeons: 480,000 clients at risk from cyber hackers
A leading cosmetic surgery provider has been targeted by a computer hacker who may have accessed details of nearly 500,000 people considering procedures.
14.04.14 - Canada’s tax agency and UK parenting site first confirmed victims of Heartbleed
Canada’s tax agency and a British parenting site have announced data breaches due to the Heartbleed bug affecting OpenSSL. They are the first confirmed victims of the software flaw.
14.04.14 - Canada’s tax agency and UK parenting site first confirmed victims of Heartbleed
Canada’s tax agency and a British parenting site have announced data breaches due to the Heartbleed bug affecting OpenSSL. They are the first confirmed victims of the software flaw.
14.04.14 - Government launches cyber security certification for businesses
The government has launched its Cyber Essentials scheme to provide "clarity to organisations on what good cyber security practice is" and to "set out the steps they need to follow to manage cyber risks".
11.04.14 - Business can no longer ignore cyber conflict, says report
Private organisations have increasingly become collateral damage in political conflicts, according to the latest M-Trends report on cyber threats by Mandiant, a FireEye company.
11.04.14 - Business can no longer ignore cyber conflict, says report
Private organisations have increasingly become collateral damage in political conflicts, according to the latest M-Trends report on cyber threats by Mandiant, a FireEye company.
10.04.14 - Archdiocesan data breach leads to identity theft, false tax returns
A data breach of the Archdiocese of Portland’s computer systems has led to the filing of fraudulent tax returns, according to local media reports.
10.04.14 - Police forces still struggling on cyber front
Less than 7% of police forces in England and Wales have a comprehensive plan to deal with a large scale cyber incident, reveals an official report.
09.04.14 - Heartbleed Bug: Tech firms urge password reset
Several tech firms are urging people to change all their passwords after the discovery of a major security flaw.
08.04.14 - Experts advocate public-private partnership to combat cybercrime
With the spate of sophisticated cyber attacks on the Internet at the moment, stakeholders have called for increased collaboration between government and private sector in a bid to develop an information sharing mechanism geared towards blocking rising cases of breach in national security.
08.04.14- Symantec to CISOs: Watch for the 'mega-breach'
Company releases 2013 Internet Security Threat Report, warning organizations that phishing and watering hole attacks can bury them
07.04.14 - Hackers Lurking in Vents and Soda Machines
Unable to breach the computer network at a big oil company, hackers infected with malware the online menu of a Chinese restaurant that was popular with employees. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in the business’s vast computer network.
07.04.14 Germany Investigating Data Breach Affecting 18 Million
Three million of the affected people are in Germany, meaning many others are likely impacted
04.04.14 - Hackers nab 158,000 Boxee customer passwords in massive data breach
Anyone with an account on Boxee's customer forums should immediately change their password after hackers made away with details of 158,000 people.
03.04.14 - Video: The moment a sharp-eyed student discovers the cashpoint scam-cam which just filmed his pin number
Daft crooks looking to rip off bank customers ended up filming themselves as they fitted a Birmingham cashpoint with a spy camera.
03.04.14 - Insider Leaks 1,000-page Dossier on BBC Confidential Sources
The UK’s Information Commissioner’s Office has been asked to investigate alleged breaches of data protection laws after a former employee of Films on Record leaked a 1,000-page dossier of confidential information and source material from the BBC to the Mayor of Tower Hamlets
02.04.14 - ICO says anonymous data “not covered” by Data Protection Act - until it's de-anonymised
The Information Commissioner's Office (ICO) has claimed that anonymous data is not covered under the Data Protection Act, meaning that if anonymised patient record data were to be leaked or mis-used it would not consider it against the law - if anyone found out about it.
31.03.14 - Cyber on 5 Live
Mike Gillespie, of cyber-security company Advent IM, and Stephanie Daman, CEO of the Cyber Security Challenge, spoke live on BBC Radio 5 Live about cyber security on Monday morning, March 31.
30.03.14 - Hackers hit Microsoft Word and Excel users with evolved Tor malware
Hackers are targeting Word and Excel users with a sophisticated new data-siphoning malware that hides its movements using the Tor network, according to security firm Trend Micro.
28.03.14 - Cyber security supplier to government scheme
Cyber security supplier to government scheme guidance note and application form
28.03.14 - UK: ICO Plan to 'get better results' includes new way of funding
The UK Information Commissioner's Office (ICO) launched - on 26 March 2014 - its corporate plan for 2014-2017 ('the Plan') following its consultation 'Looking ahead, staying ahead: Towards a 2020 vision for information rights' which was launched in November 2013. The Plan states the ICO's corporate objectives and details the ICO's proposed actions in achieving the objectives.
28.03.14 - Women In Security Awards - nominations now open
Nominate your candidate now. The 2014 Professional Security Magazine – Women in Security Awards are the security profession’s dedicated awards that recognise and honour the accomplishments, value and contributions of women within the wider world of security. This is their third year; the first were presented to some acclaim at the ASIS 11th European Security Conference and Exhibition in April 2012 (See Pics here)
27.03.14 - UK HealthCare Notifies More Than 1,000 Patients of Data Breach
Lexington, Ky.-based UK HealthCare is notifying 1,079 patients their personal health information has been compromised.
25.03.14 - Don’t flout data protection rules, ICO warns law firms
Personal injury firms have been warned they could face fines if they have obtained work through nuisance calls and spam texts.
25.03.14-British Pregnancy Advisory Service £200,000 data protection fine
The British Pregnancy Advisory Service has received a £200,000 fine for breaching the Data Protection Act after an anti-abortion hacker gained access to the personal details of almost 10,000 people through the charity’s website.
25.03.14 - APT attacks use 'news of doomed flight MH370'
A series of advanced cyber attacks have used the lure of news about the disappearance of Malaysia Airlines flight MH370 to infiltrate nation-state and other targets, according to FireEye
24.03.14 - Tor browser app in the Apple app store is fake
For more than two months is is present in the official App Store a fake version of the Tor Browser app. It’s full of adware and spyware.
21.03.14 - ICO decides against probe of Santander email spam scammers
Not enough 'evidence' ... while readers insist unique-to-bank addresses used
18.03.14 - New survey finds many businesses still unprepared for cyber attacks
Over 80 per cent of online businesses are not adequately prepared for cyber attacks and upwards of a third have admitted to not having any concrete plan in place for when an attack strikes.
18.03.14 - ICO Looks Into BT E-Mail Data Breach Claims
ICO looks into claims that BT exposed its users’ email accounts during platform migration from Yahoo Mail
18.03.14 - Man Held Over Morrisons Payroll Data Breach
An employee of supermarket chain Morrisons has been arrested by police investigating the theft of payroll data of up to 100,000 employees.
17.03.14 - Privacy outrage causes bank to ditch plans for targeted ads based on customers' spending habits
Dutch bank ING has stepped back from a plan that would have seen its customers' payment histories used to serve them targeted ads after consumer groups and customers objected.
14.03.14 - Morrisons payroll data stolen and published online
Data from Morrisons’ staff payroll system has been stolen, published on the internet and sent on a disk to a newspaper. The data theft included bank account details.
13.03.14 - ICO investigates BT e-mail data breaches - report
The UK Information Commissioner's Office (ICO) is investigating BT after a whistleblower provided evidence that the e-mail accounts of customers were being compromised by spammers
12.03.14 - Cardiff company fined for failing to register with the ICO
A Cardiff-based green energy deal company, Becoming Green (UK) Ltd, has been prosecuted by the Information Commissioner’s Office after failing to notify the ICO that it handled customers’ personal data.
07.03.14 - Abortion provider BPAS fined £200,000 for data breach
An abortion provider has been fined £200,000 for a data breach that revealed almost 10,000 people's details to a hacker.
05.03.14 - Target Executive Resigns After Breach
The highest-ranking technology executive at Target has resigned, the company said on Wednesday, just one week after it revealed how badly its profits had been hurt during the holiday season by an enormous breach of its system that exposed customer information
05.03.14 - UK financial firms need strict IT security, says expert, as survey finds global rise in fraud and cybercrime
Financial services firms are more likely than non-financial companies to have been the victim of economic crimes such as fraud or theft, according to the findings of PwC's latest review of global economic crime trends
28.02.14 - Briton Charged With Hacking
A 28-year-old British man has been charged with hacking into the US Federal Reserve computer servers and stealing sensitive personal information.
26.02.14 - Systems overhaul required as Treasury Solicitor's Department falls foul of Data Protection Act
Whitehall's largest legal department, the Treasury Solicitor's Department (TSol) is to improve its data protection practices after an independent investigation found it had breached the Data Protection Act four times between 2011 and 2012
26.02.14 - 'Contagious' wi-fi virus created by Liverpool researchers
A computer virus that can spread via wi-fi like a "common cold" has been created by researchers in Liverpool. In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses.
24.02.14 - Holder: Companies should disclose data breach
Many companies wary that public notification will hurt their business
24.02.14 - Forensic readiness - the new 'business continuity'
If you don't have good forensic readiness planning and testing in place, you are neglecting a core requirement of good organisational planning, no less than if you failed to have disaster recovery or business continuity planning.
23.02.14 - Hospital records of all NHS patients sold to insurers
Hospital records of all NHS patients sold for insurance purposes days after controversial plans to extract patient data from GP files put on hold
21.02.14 - PSN gets encryption for higher security levels
An encryption service has been announced by the Cabinet Office that will enable public sector staff to share information at the IL3 security level over the Public Services Network (PSN).
20.02.14 - Businesses ignore unknown threats despite cost, study shows
Security breaches cost UK organisations an estimated £1.5bn a year, yet many continue to disregard the next big wave of risk to IT security from unknown threats, a study has revealed.
20.02.14 - University of Maryland hackers access 300,000 records
The University of Maryland has admitted that the personal information of more than 300,000 staff and students has been accessed in a “sophisticated” cyber attack.
19.02.14 - UK firms see 1,000+ internal data breaches a day, study finds
More than 300,000 internal security breaches took place in UK businesses over the past 12 months – an average of 1,190 per working day – a study has revealed.
14.02.14 - Security Think Tank: Before cloud, engage with asset owners
Hybrid cloud or private cloud within a public cloud is an attractive proposition for any business looking to harness the benefits of cloud computing, while acknowledging the need for adequate security layering on differing types of information.
13.02.14 - Thousands hit in Tesco.com attack
Tesco has deactivated some customers' net accounts after their login names and passwords were shared online.
06.02.14 - Universities and science minister unveils £73m big data funding
The government is to plough £73m into big data. Universities and science minister David Willetts unveiled the funding at a conference on high-performance computing today.
06.02.14 - UK critical infrastructure at risk of cyber attack, says IET report
UK critical national infrastructure (CNI) is at risk of cyber attack, says a report by engineering consultancy Atkins.
05.02.14 - Bank of England publishes Waking Shark II cyber security exercise results
The Bank of England has published findings from its Waking Shark II security exercise, which tested the financial sector’s contingency plans for cyber attack.
03.02.14 - Hertfordshire County Council fears cyber attack over banned words email list
Fears of a cyber attack by hackers, or hostile foreign powers, has led a council to refuse to release a list of words banned from its emails.
30.01.14 - @N Hack: GoDaddy Admits Employee Had Been Social Engineered, PayPal Denies It
On Wednesday, we learned that a hacker managed to hijack the coveted @N Twitter username after extorting its owner into handing it over. The former owner of the account, Naoki Hiroshima, has blamed PayPal and GoDaddy for the incident.
30.01.14 - Islington man denies data breach at Royal Berkshire Hospital
A 43-year-old Islington man denied a breach of the Data Protection Act involving patient records at Royal Berkshire Hospital.
30.01.14 - Retailers at high risk of POS attacks
Vulnerable point of sale systems are giving hackers easy access to customer data, with retail organisations top of the hit list.
30.01.14 - BAFTA user data potentially stolen after website "compromised"
The British Academy of Film and Television Arts - BAFTA - has revealed that part of its website has been "compromised by illegal means" and it's not currently guaranteed that hackers haven't made off with details of individuals on the BAFTA Guru mailing list.
28.01.14 - KPMG not looking for 'wannabe Matrix hackers' to fill cyber security skills gap
‘Big Four' professional services firm KPMG's UK head of cyber security Martin Jordan says that he avoids job candidates who want to be hackers, as he believes the required skillset can be found elsewhere.
28.01.14 - One in four UK office workers don't know what phishing is
The ignorance of most UK office workers about phishing, one of the most lethal forms of cyber threat, has been revealed in a new study.
28.01.14 - US and British spies 'get personal data from Angry Birds'
US and British spy agencies routinely try to gain access to personal data from Angry Birds and other mobile applications, a report says.
28.01.14 - Data Protection and Off Shoring Data
Some thoughts on EU Data Protection Day from Advent IM and Security Institute Director, Mike Gillespie.
27.01.14 - Thousands of Coca Cola customers compromised after laptop theft
Beverage maker Coca-Cola has confirmed that the theft of unencrypted company laptops from the firm's headquarters in Atlanta may have compromised information on approximately 74,000 customers.
27.01.14 - Police smash financial cyber crime gang targeting UK citizens
Pan-European cyber crime fighting agency EC3 has been hailed after Polish police arrested five Bulgarians accused of electronic payment card fraud targeting mainly UK citizens.
27.01.14 - Hackers infiltrate Israeli defence computer
Hackers broke into an Israeli defence ministry computer after the user clicked on a tainted email attachment containing malicious software.
23.01.14 - Wymondham College apologises over pupils' data breach
A school has apologised for a data breach in which personal information about students was sent to their teenage classmates.
20.01.14 - NHS England database raises privacy concerns
Privacy groups have raised concerns about NHS England’s plans to create a single database of medical data collected from hospitals and general practitioners
20.01.14 - Cyber security threats growing against users, companies, Cisco says
Cyber security threats continue to plague users and businesses trying to defend against increasingly sophisticated and well-executed attacks, according to the Cisco 2014 Annual Security Report. Cyber security is a major business as Cisco and other companies develop cyber security efforts to protect end-users and businesses.
19.01.14 - Police warn firms over cyber crimes
WILTSHIRE Police are urging businesses in Swindon to get ‘cyber streetwise’ this year.
17.01.14 - Corporate Android users face flaw affecting billions of devices
Corporate Android mobile phone users are warned that potentially billions of apps running on these devices could be hijacked by attackers using a vulnerability first highlighted over two years ago.
16.01.14 - 'Companies are losing the battle against cyber crime' - KPMG auditors
The number of auditors with concerns about cyber security has doubled in the last year and businesses are losing the battle against cyber crime as a result.
16.01.14 - Corporate finance community risk deals collapsing unless cyber security is ramped up, says KPMG
Responding to the publication, today, of a report highlighting cyber security weaknesses in the world of corporate finance transactions, KPMG’s regional head of cyber is urging the UK’s financial community to follow the lead of Boardroom colleagues and prioritise cyber security.
15.01.14 - Business ‘complacent’ about cyber crime and terror risks, says Aon
Cyber crime and terror risks have been severely underrated as major threats affecting businesses in today’s ‘hyper-connected world’, according to an Aon survey of insurance captive directors. - See more at: http://www.theactuary.com/news/2014/01/business-complacent-about-cyber-crime-and-terror-risks-says-aon/#sthash.aTwog2bn.dpuf
14.01.14 - Security Think Tank: Consider security training before high-end technology
In simple terms, the answer to how the Snowden revelations about the National Security Agency (NSA) and GCHQ should be influencing future information security strategies in the UK would be, not at all.
14.01.14 - Patient data could be vulnerable in new NHS database
The National Health Service is to start saving patient data onto a centralised database, but with improved manageability comes concerns over potential breaches and data losses.
14.01.14 - Hackers could compromise car safety
Internet security is becoming as much of an issue in cars as in the home or office as a result of the increasing number of models offering connectivity services.
13.01.14 - Staffs Police face data protection probe over 'drink drivers named' Twitter campaign
Staffordshire Police, who ran a Twitter campaign against alleged drink-drivers over the Christmas period by naming and shaming suspects charged with the offence, are now being investigated by the UK's information watchdog for a possible breach of data protection law.
13.01.14 - Government tells UK SMEs to be 'cyber streetwise'
The government has launched a campaign urging small and medium-sized enterprises (SMEs) to become "cyber streetwise," to reduce the risk of cyber attack
08.01.14 - Putting software security in the hands of the buyer
For far too long, businesses have been at the mercy of software suppliers for ensuring that critical applications are secure.
06.01.14 - UK insurer hacked, loses 100K customer details
Nearly 100,000 Staysure customers may have had their personal details compromised
17.12.13 - Feedback 93% of organisations suffered a data breach in 2013
Some 93 per cent of large organisations experienced a security breach last year, according to a new survey commissioned by the UK Government's Department for Business, Innovation and Skills (BIS). Read more: http://www.itproportal.com/2013/12/16/93-of-organisations-suffered-a-data-breach-in-2013/#ixzz2njI9kQOX
17.12.13 - Pay day loans company fined £175,000 over millions of spam texts
The Information Commissioner’s Office (ICO) has served the pay day loans company, First Financial, with a £175,000 penalty after an investigation discovered that the company was responsible for sending millions of unlawful spam texts
16.12.13 - Home Office Leaks Details Of More Than 1,500 Illegal Immigrants
The confidential information was visible on the Home Office website for two weeks
06.12.13 - The world's biggest data breaches and hacks of 2013
From Facebook to Adobe, 2013 has been a tough year for companies looking to defend against cybercrime
06.12.13 - NatWest online services hit by cyber attack
A deliberate attempt to disrupt services at NatWest left some customers struggling to access online banking on Friday
06.12.13 - ‘Incredible’ SBC data breach –resident claims
A Selkirk man has described his shock at receiving confidential documents from Scottish Borders Council belonging to another Borderer.
04.12.13 - Councils threatened with disconnection from PSN in escalating security row
One London council was just hours away from being disconnected from the public sector communications network, Computer Weekly has learned, in an escalating row between central and local government over security compliance
26.11.13 - NATO launches ‘largest ever’ cyber-security exercises
NATO has kicked off Cyber Coalition 2013, the largest ever exercise of its kind intended to thwart massive, simultaneous attacks on member states and their allies.
Loss of 388 Council Laptops described as 'not a big security breach'
THE loss of hundreds of council laptops potentially containing personal details of council tax payers has been dismissed as 'not a big security breach'.
22.11.13 - Anglesey Council under fire over breaches in sensitive information system
Security and storage standards relating to manual records within the council’s offices were not appropriate
21.11.13 - ICO warns firms to train temps in data protection following Great Ormond Street breaches
The Information Commissioner's Office (ICO) has warned organisations that even temporary workers need data protection training in order to properly prevent against a breach
21.11.13 - Council fined for dumping pension records in supermarket bin wins appeal
A £250,000 fine issued by the Information Commissioners Office (ICO) on the Scottish Borders Council (SBC) over a pensions data breach has been overturned.
20.11.13 - How UK banks contain threats from cybercriminals
The UK's banks are regularly being caught out by cybercriminals, BBC research suggests.
18.11.13 - A third of SMBs unaware they've been cyber attack victims
One-third of small and midsize businesses (SMBs) have no idea if the organisation has been the victim of cyber crime or malicious hackers in the past 12 months, while management in over half of SMEs don't see cyber attacks as significant risks.
14.11.13 - Hundreds of children’s details lost by teacher on unencrypted council memory stick
The £80,000 penalty served by the Information Commissioner’s Office on North East Lincolnshire Council is yet another reminder of the need to train employees about the confidentiality and protection of personal data
13.11.13 - Bank of England hosts bankers to fight cyber war at City's Plaisterers' Hall
The Plaisters' Hall played host yesterday to a number of senior bankers and Bank of England and Treasury officials in a simulated cyber war to see how the banking elite would cope in the event of a massive attack.
12.11.13 - Adobe Sued Over Latest Data Breach
SAN FRANCISCO — After acknowledging last month that hackers gained access to the personal and financial data of 38 million of its active users, Adobe Systems Inc. on Monday was targeted by a class action filed in the Northern District of California.
11.11.13 - Malware analysts regularly investigate undisclosed data breaches
ThreatTrack Security published a study that reveals mounting cybersecurity challenges within U.S. enterprises. Nearly 6 in 10 malware analysts reported they have investigated or addressed a data breach that was never disclosed by their company.
08.08.13 - Council apologises after losing package of sensitive information
Red-faced Royal Borough bosses are making their entire 1,500-strong workforce sit through data protection training after sensitive information sent from another council was lost.
08.11.13 - NSA spying poisons the cloud market
A PriceWaterhouseCoopers survey found 54 percent of German companies find the cloud risky after learning of NSA spying. An earlier study by PwC finds that 84% of CEOs are confident about cyber security. If they only knew the truth.
08.11.13 - Upsurge in CryptoLocker ransomware
The US Government's Computer Emergency Readiness Team (US-CERT) has warned of an upsurge in the CryptoLocker ransomware virus.
07.11.13 - Fear of cyber attack driving a shift from risk-based security, says Gartner
Fear of advanced cyber attacks is driving a shift from tried-and-tested, risk-based security tactics, making them more vulnerable to emerging threats, a survey has found.
06.11.13 - Adobe hack: '123456' tops list of most-used passwords
"123456" tops the list of most frequently used passwords, according to researchers analysing the data dump pulled from Adobe's servers by hackers.
05.11.13 - One quarter of data breach victims suffer identity theft
Of the 16 million people affected by data breaches in 2012, more than a quarter of those went on to suffer from identity theft, according to new research by security firm Javelin
04.11.13 - Government agency compromised by fake Facebook hottie
Using social media profiles and a photo of a real (and consenting) woman, two hackers fooled a government employer into believing she was an employee, conning them out of a company laptop, network credentials, and more.
31.10.13 - Adobe cyber attack to trigger flood of legal action, forecast lawyers
A welter of legal action could tumble out of Adobe’s admission yesterday that it had suffered a far greater breach of data security in a cyber attack earlier this month, leading technology lawyers warn.
30.10-13 - Adobe hack affects 38 million customers
Adobe's data breach is more serious than previously disclosed with 38 million customer accounts hacked
29.10.13 - North East Lincolnshire Council fined £80,000 for losing data on children with special educational needs
North East Lincolnshire Council has been fined £80,000 by the Information Commissioner's Office (ICO) for losing an unencrypted memory stick containing data on children with special educational needs.
28.10.13 - Cyber security: Lawyers are the weakest link
With threats ranging from hacktivists to Chinese spies, it’s time for law firms to get their data security act together
28.10.13 - Top City firm fights off cyber attack
A leading City law firm has fought off sophisticated cyber attacks within the last fortnight, specialists revealed – ramping up fears that hackers view legal practices as a soft underbelly route to stealing sensitive client information.
25.10.13 - ICO Hits MoJ With £140,000 Fine For Data Breach
A serious data breach has led the Information Commissioner's Office (ICO) to impose a £140,000 fine on the Ministry of Justice (MoJ). Announcing the monetary penalty, the UK data protection watchdog said the decision followed its investigation into incidents that exposed sensitive information about the inmates at HMP Cardiff.
17.10.13 - Police warning after drug traffickers' cyber-attack
The head of Europe's crime fighting agency has warned of the growing risk of organised crime groups using cyber-attacks to allow them to traffic drugs.
16.10.13 - ICO slams Royal Veterinary College for lack of BYOD policies after data loss
The Information Commissioner’s Office (ICO) has warned firms of the need to implement proper bring-your-own-device (BYOD) policies after the Royal Veterinary College (RVC) was caught out by the trend when sensitive data, which was stored on a staff-owned device, was lost.
11.10.13 - Payday loans firm rapped for failing to register with Info Commissioner
A payday loans company and its director have fallen foul of the law by failing to register with data-protection officials at the Information Commissioner’s Office
08.10.13 - Cyber crimes costs UK businesses average of £3m per year
Cyber crime costs UK organisations around £3m a year on average, the second annual Cost of Cyber Crime Study has revealed.
08.10.13 - First Financial fined
A pay day loans company based in London and its director have been prosecuted by the Information Commissioner’s Office (ICO) after failing to register that the business was processing personal information.
03.10.13 - Medical records lost on bike ride home
The Information Commissioner’s Office (ICO) has issued Cardiff and Vale University Health Board with an undertaking following a breach of the Data Protection Act.
03.10.13 Addressing the skills gap in information security
In a recent Guardian Media Network survey, we asked 450 media professionals: as an employee, what level of training do you feel you have received against cyber attacks? A remarkable 70% revealed they had received no training whatsoever – 24% answered they had undertaken basic security training, while only 6% said they had received advanced training.
02.10.13 - UK business data theft at record high
Data theft from UK companies by employees is at a record high, according to law firm EMW
01.10.13 - Hundreds of hackers sought for new £500m UK cyber-bomber strike force
The UK's Ministry of Defence wants to recruit an army of computer experts to serve as "cyber reservists" to defend national security.
29.10.13 - North East Lincolnshire Council fined £80,000 for losing data on children with special educational needs
North East Lincolnshire Council has been fined £80,000 by the Information Commissioner's Office (ICO) for losing an unencrypted memory stick containing data on children with special educational needs.
29.10.13 - North East Lincolnshire Council fined £80,000 for losing data on children with special educational needs
North East Lincolnshire Council has been fined £80,000 by the Information Commissioner's Office (ICO) for losing an unencrypted memory stick containing data on children with special educational needs.
27.09.13 - CESG advises government that BYOD is possible, but not recommended
CESG, the information security arm of GCHQ, has advised government that although Bring Your Own Device (BYOD) strategies are possible for public sector organisations, it is not recommended.
27.09.13 - UK Secretly Arrests Schoolboy Over ‘World’s Biggest Cyber Attack’
London schoolboy has been secretly arrested over the “world’s biggest cyber attack” as part of an international swoop against a suspected organised crime gang.
26.09.13 - Barclays employee fined £3,360 for illegally accessing customer data
A former employee of Barclays Bank has been fined £3,360 after being found guilty of illegally accessing a customer’s data.
26.09.13 - Human implants, drones and traffic systems could all be hacked in future, Europol warns
Cyber criminals could soon hack in to unmanned drones, traffic management systems and even medical implants causing death and mayhem, Europol has warned.
25.09.13 - Blisworth fire hits internet users '50 miles away'
People as far away as Birmingham have been left without broadband internet for five days after a fire in Northamptonshire
13.09.13 - Arrests over 'cyber plot' to steal from Santander bank
Twelve men have been arrested over an "audacious" alleged plot to steal millions of pounds from a bank by remotely taking control of a computer.
13.09.13 - Should employees be punished for sloppy cyber security? [POLL]
Should employees face any kind of penalty for poor security hygiene? what about if they have had training? Poll and article.
09.09.13 - UK ICO Criticises Elements Of The Proposed EU Cybersecurity Directive
Last month, the Information Commissioner's Office (ICO) published a response to the government's call for views and evidence on the draft EU Directive on Network and Information Security (NIS Directive). The ICO's criticism stemmed from its experience with mandatory data breach notifications from the telecoms sector and included suggestions for modifying the proposed NIS Directive
02.09.13 - Police learn how to tackle cyber crime at Napier
Police officers across Scotland are heading back to class to brush up on tackling online crime
30.08.13 - ICO fines Aberdeen City Council after social services data posted online
Sensitive information relating to vulnerable children leaked as a result of 'impractical and ambiguous' home working policy
23.08.13 - The Legal Community has Become Part of the Cyber Security Equation, “But Don’t Run Before You Can Walk,” says Global Digital Forensics Founder.
The stakes in the cyber security game have never been higher. Cyber attacks can devastate successfully targeted organizations on many fronts, from cash losses and liability concerns, to losing the trust of clients, vendors and investors, and of course, the publics’ perception of an organization’s integrity, all of which can translate directly to substantial bottom line losses, or worse.
19.08.13 - EU data breach disclosures to be enforced soon
The new European Union regulation requiring mandatory personal data breach disclosures by telecoms operators and internet service providers (ISPs) comes into force on Sunday 25 August 2013.
16.8.13 - PCI Council previews changes to data security standards
The PCI Security Standards Council is giving merchants a first look at changes that could be introduced later this year to its credit card data and payment application security guidelines.
13.8.13 - CESG launches cyber-incident response schemes to ease pressure on GCHQ
The Communications Electronics Security Group (CESG) has launched two new schemes to help organisations obtain the relevant expertise in the event that they are subjected to a cyber-attack.
13.8.13 - Two thirds of consumers don't fully understand how businesses collect and use their data
Businesses are collecting more information about individuals than ever, but almost two thirds of people aren't aware what data about them is being collected or don't know it's being collected at all.
12.08.13 - ICO to investigate London bins that track smartphones
The Information Commissioner's Office (ICO) is making enquiries into a number of bins in London that track passing smartphones to target advertising to its owners.
09.08.13 - Serious Farce Office: SFO suffers biggest-ever criminal data breach
Documents, tapes and data files from BAE Systems investigation go astray as agency blames ‘human error’
09.08.13 - ICO blog: The cost of carelessness - how stats help inform the action we take
Carelessness remains the top reason for data breach incidents according to the ICO.
08.08.13 - Companies avoid cloud due to lack of security skills
Businesses are being deterred from taking up cloud services due to a lack of security skills.
06.08.13 - Not cyber myths: Hacking oil rigs, water plants, industrial infrastructure
Security researchers explain that hacking oil rigs, pipelines, water pumps, industrial facilities, and the power grid are not myths born in the cyber-mist, but realities.
05.05.13 - IT pros' most feared breach consequence is workload
In the event of a data breach, more IT professionals are concerned with having to do more work rather than the fact that the company may lose customers, or even that they might get fired.
01.08.13 - Comment: There’s No Such Thing as Cyber War
Too often, journalists, politicians, and security professionals are quick to declare ‘cyber war’ at the earliest signs of hacking or intelligence gathering between opposing states. True war consists of tragedy and tangible, kinetic impact. It involves injury and death, not just an exchange of information.
31.08.13 - The 2013 Awards Finalists
The 2013 Awards Finalists
30.07.13 - Dating websites 'potentially in breach of data protection act', warns ICO
Four of the UK's biggest online dating websites could be in breach of the Data Protection Act over how they handle users' personal details, the Information Commissioner's Office (ICO) has warned.
30.07.13 - Security professionals report a 'significant' increase in external attacks and internal breaches
UK IT and security professionals believe that external attacks have increased significantly in the past 12 months, while more than half have reported an increased risk of internal data breaches.
22.07.13 - ICO in hot water over Google
The UK’s privacy watchdog is in trouble for letting Google off the hook over illegally collected Street View data. TechWeek has found flaws in Information Commissioner’s Office the investigation of Google’s siphoning of people’s data during its Street View rounds.
19.07.13 - ICO's £250k fine for Scottish Borders Council overruled
Local authority successfully appeals fine imposed after pensions records turned up in a dustbin
19.07.13 - Cyber criminals pose as Soca in latest ransomware threat
Criminals are mounting a new ransomware scam, which locks computers to display a message claiming to come from the UK Serious Organised Crime Agency (Soca) demanding payment to unlock it.
16.07.13 - U.K. Ministry of Defence hit by cyberattack, data stolen
The U.K. government department was victim of a cyber-espionage attack that saw sensitive data stolen by unnamed hackers, a parliamentary report discloses
15.07.13 - NHS Computers With Patient Data Sold On Ebay
An NHS trust has been fined £200,000 by the data watchdog after it sold an old computer which contained the personal details of more than 3,000 patients.
15.07.13 - UK defence industry to fast-track supply chain security
The UK’s newly established Defence Cyber Protection Partnership (DCPP) has adopted an ambitious schedule as it seeks to implement controls to increase supply chain security as quickly as possible.
04.07.13 - ICO publish report on findings from Charity advisory visits
http://www.ico.org.uk/for_organisations/data_protection/working_with_the_ico/~/media/documents/library/Data_Protection/Research_and_reports/outcome-report-charitable-organisations-2012-13.ashx
03.07.13 - Assassin’s Creed developer hacked, exposing user details
Ubisoft is the latest computer games company to be hacked, with usernames, email addresses and encrypted passwords compromised
02.07.13 - UK healthcare is changing - do you know who is protecting your data?
The effects of leaked personal health information can be exceptionally damaging.
01.07.13 - Facebook slurped phone numbers says Norton
Norton has pinged Facebook for slurping Android users' phone numbers without their consent.
01.07.13 - U.K. Parliament wedges head in the privacy sand, plans move to cloud despite NSA spying scandal
Headstrong U.K. parliamentary IT fellows believe, in spite of an ongoing scandal over NSA spying on non-U.S. citizens, a move to the cloud is still a good idea. Here's why it's not
24.06.13 - Home Secretary Theresa May alarmed at revelations that hacking went beyond media and was used by lawyers and private companies
Theresa May, the Home Secretary, has expressed alarm over revelations that hacking went far beyond the media and was routinely used by lawyers and private companies to obtain sensitive information about rivals.
18.06.13 - Call centres in BBC3 programme hit with £225,000 fines
Nationwide Energy Services and We Claim U Gain, part of Swansea-based Save Britain Money Ltd, were responsible for more than 2,700 complaints
18.06.13 - 69% of small businesses don't think data breaches will impact their reputation
As National Small Business Week gets underway in the US, research has revealed that most small businesses are blissfully unaware of the information security risks that may be arrayed against them
17.06.13 - It takes 10 hours to identify a security breach
Businesses are vulnerable to security breaches due to their inability to properly analyze or store big data, according to McAfee.
14.06.13 - Most Data Breaches Caused by Human Error, System Glitches
June 17, 2013— CIO— When it comes to data breaches, hackers and organized crime garner most of the headlines, but most data breaches are caused by human errors and system glitches--application failures, inadvertent data dumps, logic errors in data transfer and more. As a result, educating your employees and making sure they're not cutting corners is a big component in preventing data breaches.
16.06.13 - Hacked off! City investigate claims of online spying by rival clubs Read more: http://www.dailymail.co.uk/sport/football/article-2342849/Manchester-City-investigate-spying-claims-rival-clubs.html#ixzz2XDt9zB3d
Manchester City are continuing investigations into an alleged breach of security involving their scouting reports.
13.06.13 - Cloud computing: how can companies reduce the security risk?
Pravin Kothari outlines a three-step approach to help businesses ensure their information remains secure in the cloud
13.06.13 - Cloud data breach notification: Defining legal obligations
If a breach of security happens in the cloud and no customer is around to hear it, does it make a sound? A silly question perhaps, but it is often surprisingly complicated to ensure that an enterprise will be promptly informed by a cloud provider in the event of a cloud data breach.
10.06.13 - Security engineer revealed to be source of Prism whistleblowing
A former US government IT security engineer has revealed himself to be the whistleblower at the heart of the Prism controversy.
07.06.13 - School codebreaking contest hunts cybersecurity talent
Schools are being urged to sign up for a codebreaking competition aimed at developing the next generation of cybersecurity experts.
07.06.13 - Glasgow City Council fined £150,00 for loss of unencrypted laptops
Glasgow City Council has been fined £150,000 for the loss of two unencrypted laptops, one of which contained personal details of more than 20,000 people.
07.06.13 - Web privacy - outsourced to the US and China?
Overnight, the Guardian and the Washington Post have made startling claims about the extent of the US government's surveillance of web communications.
07.06.13 - Advent IM Security joins the Government’s Procurement Framework -G-Cloud.
Advent IM has a lengthy track record as a Security Consultancy for public bodies and Her Majesty’s Government. The Advent IM Catalogue on G-cloud shows the full range of services available to both public and private sector organisations. G-Cloud is designed to make it easier and faster for those public bodies and departments to procure directly and that now includes expert Security Consultancy from the team of specialists at Advent IM. No longer having to face the convolutions and cost that the tender process can sometimes entail.
04.06.13 - Surveillance Code of Practice Published
The new Surveillance Camera Code of Practice was published today, with police and public authorities in the UK set to be subject to it. Under the new code they will have to prove that a system’s technical capabilities are "proportionate" to their use
04.06.13 - Surveillance Code of Practice Published
The new Surveillance Camera Code of Practice was published today, with police and public authorities in the UK set to be subject to it. Under the new code they will have to prove that a system’s technical capabilities are "proportionate" to their use
05.06.13 - Corporate data loss seen to be a collective responsibility
Three-quarters of respondents to a recent poll believe that data loss is a collective responsibility.
24.05.13 - Butch Cassidy and the hacking kids
The recent media interest surrounding the heist of several million pounds worth of money from cashpoints across the globe highlights the fact that, with the connectivity introduced by the internet age, the definitions of national boundaries have changed beyond recognition.
23.05.13 - Man made redundant fined for stealing sensitive information
When he learned that he was being made redundant from his position as Community Health Promotions Manager at a council-run leisure center, he emailed sensitive medical information on 2471 people to himself to help establish his own new company.
23.05.23 - Prison needed for serious data offences, says Information Commissioner
People who misuse personal information should face tougher penalties, including the threat of prison in the most serious cases, Information Commissioner Christopher Graham has said.
15.05.13 - ICO research finds lack of understanding around EC data protection proposals
According to a survey of 506 businesses by the Information Commissioner's Office (ICO), there is a clear lack of understanding around the proposed EU data reforms, particularly around estimated cost expenditure on meeting data protection responsibilities under the new law.
15.05.13 - e-skills UK unveils cyber security apprenticeships
UK employers have joined forces with skills council e-skills to offer degree-level apprenticeships in cyber security.
14.05.13 - User engagement can help with training, but accidental breaches are hard to prevent
User ignorance is a bigger concern than outsider or internal attacks.
13.05.13 - Cyber criminals hack Washington court system
Hackers have gained access to the personal information of 160,000 US citizens after compromising Washington State court service servers.
09.05.13 - Information assurance certification gives SMEs the edge
IT consultancy Purple Frog Systems believes its gold certification to the IASME information assurance standard for small to medium enterprises give it a competitive edge.
09.05.13 - UK universities get £7.5m cyber security research funding
Oxford University and London University will receive £7.5m government funding for cyber security research.
09.05.13 - Get people, privacy and policy correct before allowing collaborative working via mobiles
Managing control and compliance of mobile is key to collaborative working.
09.05.13 - Privileged account details are often shared and can be a weak entry point for attackers
Privileged user accounts can be a way for attackers to infiltrate an entire network.
07.05.13 - Responsibility should be a consideration when it comes to fines for data losses
Regulatory fines from the Information Commissioner's Office are ‘intelligent', but more responsibility needs to be taken in public sector incidents.
03.05.13 - Security and legal professionals claim 24-hour breach notification will not be a complete burden
The proposed 24-hour breach notification law will be a challenge for smaller businesses, but not for enterprises.
03.05.13 - The proposed 24-hour breach notification law will be a challenge for smaller businesses, but not for enterprises
Technology and data storage developments have left the data protection regulatory model outdated.
03.05.13 - Ninety per cent of passwords 'vulnerable to hacking' - Deloitte
Ninety per cent of passwords are vulnerable to hacking because even supposedly secure passwords typically share common characteristics.
02.05.13 - Most UK firms lack data transfer visibility, study shows
Four out of five UK companies have little or no visibility of data movement, a study has revealed.
02.05.13 - Insider and mobile threats worry IT managers when it comes to data security
More than three-quarters of organisations had experienced some form of data security incident in the last year.
01.05.13 - What WERE they thinking? Internet-enabled cameras under the security lens once again...
IP (internet protocol) cameras are to video surveillance as standalone Wi-Fi routers are to home networks.
30.04.13 - Password Reuse Remains a Danger After LivingSocial Database Breach
The LivingSocial deal-finding network resets the passwords of its 70 million subscribers as a precaution following a data breach.
29.04.13 - Number of breaches increasing due to espionage: Verizon
Latest data breach report finds that state affiliated attacks are on the rise
25.04.13 - ICO shows increasing willingness to penalize the private sector
The latest analysis of ICO monetary penalties (fines) for breaches of the Data Protection Act shows an increase in quantity and size, and a growth in the number of fines outside of the public sector.
24.04.13 - Infosec 2013: ICO dismisses EC's 'tick box' approach to data protection
The data protectionlegislation proposed by the European Commission (EC) takes too much of a "tick box" approach to be effective and will do nothing more than lumbering firms with excessive paperwork, according to the deputy information commissioner, David Smith
24.04.13 - Infosec 2013: Loss of military information could lead to 'wholesale loss of life'
The head of information security at the Military of Defence warned that the loss of sensitive military information through cyber crime could lead to "wholesale loss of life".
23.04.13 - Police apology after staff data sent to G4S
Three police forces have apologised to more than 1,000 staff after accidentally sending their personal details to a private security firm.
15.04.13 - Kent man admits Oxbridge and police force cyber attacks
A man has pleaded guilty to five charges of hacking into police and university websites.
11.04.13 - UK companies unable to stop employees stealing data, study shows
Businesses are placing too much trust in their employees when it comes to safeguarding company data, a study has revealed.
06.04.13 - Pembrokeshire child sex abuse files 'released in error'
Allegations that Pembrokeshire council wrongly disclosed sensitive reports about 10 child sex abuse victims to another victim are being investigated.
04.04.13 - Hackers target Kent Council Council's computer systems
Kent County Council has been victim to dozens of attempted cyber attacks and three bogus callers trying to access personal information.
28.03.13 - US to conduct 'cyber espionage review' of Chinese-made IT
The US government is to introduce a "cyber espionage review" process into future purchases of IT after the measures were passed in a new funding law signed this week by President Obama
20.03.13- Glasgow company fined £90,000 as ICO tackles nuisance calls
The Information Commissioner’s Office (ICO) has served a monetary penalty of £90,000 to a company that has blighted the public with thousands of unwanted marketing calls.
19.03.13 - Researchers find cloud storage apps leave files on smartphones
Researchers at the University of Glasgow have found that cloud storage apps that say they send files to the cloud also leave retrievable versions of files on the devices.
12.03.13 - Medical receptionist prosecuted after unlawfully accessing patient’s details
A former receptionist at a GP surgery in Southampton has been prosecuted by the Information Commissioner’s Office (ICO) for unlawfully obtaining sensitive medical information relating to her ex-husband’s new wife.
08.03.13 - Plain text lesson from Evernote hack
The recent Evernote hack which forced passwords to be reset highlights the importance of not storing passwords in plain text.
07.03.13 - Judge Dismisses Data-Breach Lawsuit Against LinkedIn
Handing a victory to LinkedIn, a federal judge has dismissed a potential class-action lawsuit alleging that the social networking service failed to deploy adequate measures to secure users' log-in credentials.
07.03.13 - 'Personal devices in the workplace risk personal data breaches'
A 'laissez faire' attitude to people using their own smartphones and tablet computers for work purposes could place personal data at risk, the Information Commissioner's Office (ICO) has warned.
06.03.13 - RSA Conference delegates claim current technology is no longer effective
Standard security technology such as anti-virus, firewalls, intrusion detection and protection are no longer effective.
02.03.13 - Dropbox may suffer a spam hangover from its data breach
ome Dropbox users are complaining about unusual volumes of spam directed at them and that they've linking to a data breach more than a year ago at the cloud storage service.
01.03.13 - UK—ICO Calls for Changes to Draft Data Protection Regulation
The UK data protection authority (the ICO) has published further views on the reform of EU data protection rules, following the release of the European Parliament LIBE Committee's report on the regulation.
27.02.13 - Bank of America says data breach occured at other company
The data appears to come in part from a security contractor working with the bank
25.02.13 - Hackney Council in personal data breach
Exclusive: Investigation finds residents’ personal data published on council website
25.02.13 - Information security body highlights skills shortage
(ISC)2 claims shortage of information security professionals is causing an economic ripple across the globe.
15.02.13 - ICO urges more care with personal data as Nursing and Midwifery Council receives £150,000 penalty
The Information Commissioner’s Office has urged organisations to review their policies on how personal data is handled, after the Nursing and Midwifery Council was issued a £150,000 civil monetary penalty for breaching the Data Protection Act.
11.02.13 - 2012 Sets New Record for Reported Data Breaches
With 2,644 incidents recorded through mid-January 2013, 2012 more than doubled the previous highest year on record (2011).
11.02.13 - 10 Head-Slapping Data Breaches
10 Data Breaches from Bloomberg to make you facepalm...
08.02.13 - 2e2 datacentre administrators hold customers' data to £1m ransom
2e2, the datacentre service provider and systems integrator that went into administration in January, is asking its customers for nearly £1m in funding if they want uninterrupted services and access to their datacentre facilities.
05.02.13 - Government intervention scares users from using the cloud
A fear of government snooping is deterring IT departments from using the cloud.
04.02.13 - Report highlights global concerns over government handling of cyber security
Two-thirds believe governments are not adequately protecting critical network infrastructure
04.02.13 - US tech giants criticised for lobbying against EU data privacy laws
American technology giants including Google, Yahoo and Amazon have been criticised by privacy groups and European regulators for lobbying in Washington against new EU data privacy laws.
03.02.13 - Twitter users attacked by cyber criminals
A quarter of a million Twitter accounts have been compromised by hackers, according to the social network.
29.01.13 - Hackers squeeze through DVR hole, break into CCTV cameras
Miscreants can copy, delete streams and even control the device
29.01.13 - They didn't predict that: Astrologers! blamed! after! Yahoo! hack!
Weaknesses in cloud security and third-party code allowed a hacker to compromise Yahoo! systems last month, according to an analysis of the purported breach.
23.01.13 - Understanding the bring-your-own-device landscape
The rising use of personal technologies for work-related activities has coined the phrase Bring-Your-Own-Device (BYOD). It is a trend that has potential to bring substantial benefits to enterprises, but can equally present considerable risks and implementation challenges.
22.01.13 - Proposed EU data breach laws will require proactive security
Proposed European Union data breach notification laws will require proactive network security
22.01.13 - Exclusive: UK firms seek to limit ICO powers in data protection shake-up
Leading UK firms and organisations have expressed concern with the Information Commissioner's Office (ICO) having too much power to audit data
21.01.13 - Patient data revealed in medical device hack
Researchers have exploited critical vulnerabilities in two popular medical management platforms used in a host of services, including assisting surgeries and generating patient reports
21.01.13 - Business Continuity and the joy of getting it right
Re-post of popular business Continuity blog with CMI stats
21.01.13 - On a knife edge - are businesses ready for the proposed new EU data protection legislation?
A year on since the EU Commission announced proposals to revise data protection legislation, businesses are in a state of flux as they prepare for potential change.
17.01.13 - US plants hit by USB stick malware attack
Two power plants in the US were affected by malware attacks in 2012, a security authority has said.
17.01.13 - Security firm Secarma recovers data from drives bought on eBay
Formatting hard drives does not necessarily delete data stored on them, a security firm has warned.
16.01.13 - Cloud security key to BYOD, (ISC)2 study shows
Businesses welcome bring your own device (BYOD) policies for the operational cost savings and user experience, according to the (ISC)2 2013 Global Information Security Workforce Study.
15.01.13 - Depth of UK opposition to the EU Data Protection Regulation exposed
In November 2012, the Justice Select Committee opined that the proposed EU Data Protection Regulation ‘cannot work’ and is 'a regime which no-one will pay for’. Last week the UK Ministry of Justice (MoJ) published its formal response: it agrees.
15.01.13 - 90% of passwords can be cracked in seconds
More than 90% of user-generated passwords can be made vulnerable to hacking in a matter of seconds, according to new research from Deloitte.
11.01.13 - Information security: The role of HR
In 2004, Royal Bank of Scotland found itself and its email policy under scrutiny when an employment tribunal found in favour of an ex-employee.
09.01.13 - UK military at risk of cyber attack, warn MPs
UK military reliance on technology could leave it fatally compromised by a sustained cyber attack, say members of the parliamentary defence select committee.
08.01.13 - Businesses overconfident about cyber security, says Deloitte
Businesses are overconfident about cyber security and should treat data security breaches as inevitable, says business advisory firm Deloitte.
07.01.13 - Ernst & Young email keyword analysis identifies fraudsters
Fraud investigators have revealed the most common words used in email conversations by employees engaged in rogue trading and fraud.
03.01.13 - UK to launch public cyber security awareness campaign
The Cabinet Office is to launch a public cyber security awareness programme early this year aimed at improving the online security of consumers and small and medium enterprises (SMEs).
18.12.12 - Information Commissioner slams councils after four data breaches
Four local councils have been fined a total of over £300,000 for serious data breaches by the Information Commissioner, who has criticised local government’s attitude towards protecting personal data.
18-12.12 - Data breach findings revealed for Lifeline Service
The findings of an independent review into a serious data breach at the Derry offices of a crisis helpline service have been published.
12.12.12 - With BYOD, data breaches just waiting to happen
Smartphone insecurity means healthcare patient information, for one, remains at high risk, studies find
12.12.12 - TechWeekEurope Readers Support Mandatory Data Breach Reporting
Name and shame when a data breach shows slack procedures, say our readers
06.12.12 - Vast majority of public sector organisations lack BYOD policies
The majority (87%) of public sector organisations have no formal bring-your-own-device (BYOD) strategy, according to Freedom of Information research.
05.12.12 - O2 warns customers about possible personal data loss
O2 and IT partner IBM have revealed a back-up tape potentially containing customers' personal data has been lost, more than a year after it went missing in Ireland.
04.12.12 - Over half of CIOs fail to test cloud vendors' security
Over half of CIOs fail to test cloud vendors' security systems and procedures before selecting the provider, according to a survey of 250 senior IT decision-makers.
30.11.12 - Maude: UK is in stronger cyber security position than a year ago
On the anniversary of the inception of the UK cyber strategy, Maude, who oversees the strategy, has claimed that the UK is in a stronger position than a year ago but that there is still much work to be done.
21.11.12 - ICO publishes best practice code on anonymisation of data
The Information Commissioner's Office (ICO) has published a data protection code of practice on managing the risks related to anonymisation.
14.11.12 - NHS set to challenge ICO fine
An NHS trust is to challenge a monetary penalty notice issued by the Information Commissioner's Office (ICO) in a case that could set an important precedent
14.11.12 - Coming ready or not: NHS records to go online from 2015
An NHS mandate – the first ever – has committed the National Health Service to put all medical records online by March 2015. The mandate also extends to booking GP appointments and ordering repeat prescriptions.
09.11.12 - HSBC investigates alleged loss of client data in Jersey
(Reuters) - HSBC, Europe's biggest bank, said on Friday it was investigating the alleged loss of data for clients in Jersey but had not been notified of any
09.11.12 - 70% of cloud data centers keep customers in the dark about storage locations
As more companies turn to the cloud to provide redundancy and back-up services for mission-critical business functions, connectivity and applications, new research has revealed that a full 70% of cloud backup providers do not inform customers of where the data is being physically kept
09.11.12 - Shareholders kept in the dark on data breaches
SEC has regulations, but there is plenty of room for interpretation
08.11.12 - BT backs crackdown on metal theft
The telco, which is a regular victim of copper cable theft, is a key supporter of new initiatives intended to combat such theft by cracking down on rogue scrap metal dealers
08.11.12 - Hackers expose list of Navy email logins
Hackers claiming to be affiliated with Anonymous have exposed a list of Navy email logins after breaking into Queen's Harbour Masters websites
07.11.12 - ICO hands Prudential £50,000 data mismanagement fine
Financial services organisation hit with financial penalty after account merger error
05.11.12 - China fingered for Coca Cola hack - report Several big name multinationals kept quiet about breaches
Suspected Chinese hackers launched damaging cyber raids on several big name multi-nationals over the past few years, including Coca Cola, according to new reports
05.11.12 - UK public sector tops £2m in data handling fines
Public sector organizations in the UK are leaking money thanks to a full £2 million in fines that councils, the NHS, police forces and others have seen in response to poor data handling.
05.11.12 - Bonfire Night sets internet AFLAME: Anons claim PayPal, Symantec Bigger fireworks as hacktivists raise their sights
Anonymous claims to have leaked 28,000 passwords from PayPal as part of a a global day of protest to mark 5 November, Guy Fawkes night
01.11.12 - EU data reform should go back to drawing board, says UK parliamentary committee
The House of Commons Justice Committee thinks the European Commission's proposals for reformed data protection rules are too prescriptive, and the Commission should 'go back to the drawing board'.
01.11.12 - Solent NHS Trust patient data left at market stall
Patients' confidential information has been left at a market stall and on top of a parking meter in a series of data breaches by Solent NHS Trust.
31.10.12 - Police net suspected phishing gang
UK police have arrested three men suspected of being involved in thousands of phishing attacks on banking customers.
31.10.12 - One million Facebook users' names and email addresses: $5
Name and email addresses of Facebook users are available online at prices as low as $5 per million
30.10.12 - Experian Customers Unsafe as Hackers Steal Credit Report Data
When hackers broke into computers at Abilene Telco Federal Credit Union last year, they gained access to sensitive financial information on people from far beyond the bank’s home in west-central Texas.
29.10.12 - Companies increasingly aware of data breach and cyber liability risk, says expert
Businesses are becoming increasingly aware of insurance products that protect against the risks posed by data breaches and liability for other cyber incidents, an expert has said
29.10.12 - Ernst & Young's IT security survey shows struggle to control cloud computing, social media and mobile risks
Many CIOs and chief information security officers are struggling to adapt security practices to a changing environment that includes cloud computing, social media and tablets , according to a survey of 1,850 such IT pros.
29.10.12 - Unbalanced alignment
Information security needs to become a board-level priority and its executives need to have a seat at the boardroom table
26.10.12 - ICO fines council £120,000 for crypto email fail
Stoke-on-Trent City Council has been fined £120,000 for failing to use proper cryptography, resulting in the details of a child-protection case being shared with the wrong people
19.10.12 - Call made for PCI requirement on setting policies to be more prominent
Requirement 12 of the payment card industry data security standard (PCI DSS) needs to become requirement one.
19.10.12 - Small merchants claim that costs are a major hindrance when it comes to PCI DSS compliance
Cost and education are the biggest hindrances and failings around PCI compliance
18.10.12 - SMBs Need to 'Feel' Cyberthreat to Act Small Enterprises Don't Perceive They'll be Attacked
Read the headlines about data breaches and cyberattacks, and the victims seem to be big banks, big government and big business. No wonder the perception exists among many operators of small- and midsize enterprises that attackers don't prey on the little guy.
18.10.12 - Janitorial shredding mix-up causes data breach impacting 13K
A mix-up by a janitorial services firm is the source of a data breach at a Springfield, Mo., radiology group practice. Nineteen-member Litton and Giddings Radiological Associates (LGRA) has notified about 13,000 patients who had billing activity between July 23 and Aug. 2, 2012.
17.10.12 - With breaches inevitable, 'behavioral whitelisting' bolsters fight
In the world of cyberthreat defense, security experts and vendors have conceded that it is a matter of "when," not "if," an enterprise will be breached.
16.10.12 - TD Bank "misplaced" the unencrypted data of 267,000 customers
Toronto-Dominion (TD) Bank is notifying customers about a mishap that may have exposed the personal details of more than a quarter million people
16.10.12 - Police force fined £120,000 for data breach
Greater Manchester Police has been fined £120,000 by the Information Commissioner's Office (ICO) for failing to take appropriate measures against the loss of personal data
15.10.12 - NHS trust reports loss of laptops and desktop computers
Lanarkshire NHS has admitted to a catalogue of losses of IT and medical equipment.
15.10.12 - Public sector still struggling on data compliance says ICO
The private sector is leading the way on data protection compliance as the public sector continues to struggle, according to the Information Commissioner’s Office (ICO) which has published a series of reports.
12.10.12 - Enquiries at Essex over data security incidents
Investigations have been launched into a possible data security breach at Essex County Council, after files were discovered in a disused building, the BBC has reported.
11.10.12 - Do Not Track standard needs action says commissioner
European commissioner Neelie Kroes has accused members of the online industry of watering down a standard designed to protect consumers' privacy on the web.
10.10.12 - Essex County Council 'sensitive' data found in building
An investigation is under way into how "sensitive" information belonging to Essex County Council ended up in a disused building.
04.10.12 - HD CCTV technology risks breaching human rights
The increasing sophistication of surveillance technology could breach people’s human rights, the UK’s surveillance camera commissioner has warned.
04.10.12 - Businesses to face tougher penalties for data breaches
Businesses will face tough penalties for failing to secure personal data under new European legislation.
04.10.12 - Cloud on the horizon for data-handling outsourcing
Regulator moves to remind businesses of data responsibilities as more look to cloud computing to process personal information
04.10.12 - Europe Ramps Up Cyber Attack Testing With Second Simulated Pan-Europe DDoS
Three hundred IT security professionals from across Europe are locking horns in a simulated cyber war exercise taking place today which — if it were a real attack — would be capable of disrupting services for millions of Europeans
27.09.12 - IEEE confirms 100,000 user credentials were stored unencrypted on a public FTP site
The Institute of Electrical and Electronics Engineers (IEEE) has confirmed that it suffered a major data breach a week ago.
27.09.12 - Olympic security: BSIA responds to Home Affairs Committee report
Now that the Home Affairs Committee has published its report on Olympic Games security, the BSIA is being clear and positive in its defence of the industry.
27.09.12 - CPS grovels after leaking IDs of hundreds arrested during student riots
Exclusive A botched response to a Freedom Of Information Act request could be about to cost the Crown Prosecution Service (CPS) dear. Prosecutors have issued grovelling apologies after revealing the identities of over a hundred people who were arrested during the tuition-fee riots but subsequently released without charge.
24.09.12 - Forrester: Most data breaches caused by employees
Most data breaches are caused by mundane events such as employees losing, having stolen or simply unwittingly misusing corporate assets, a Forrester Research report has found.
24.09.12 - Data register blunder hits No campaign
The Information Commissioner's Office (ICO) said the Better Together campaign fronted by former Labour Chancellor Alistair Darling failed to register to process personal data.
21.09.12 - Dumfries and Galloway Council data improvements advised
A long list of recommendations to improve data security has been issued to a council which accidentally released confidential staff records.
21.09.12 - ICO: 'We are pressing for custodial sentences'
The Information Commissioner's Office (ICO)has admitted that it is ‘pressing for' custodial sentences for malicious data loss.
20.09.12 - Secret papers in street
AN INVESTIGATION was launched this week after confidential papers about mental health patients - including personal details, medical records and care plans - were found ‘blowing around’ in Sheffield city centre.
20.09.12 - ICO and Ofsted agree encryption needed in schools
As the new academic year begins, two UK regulatory bodies have issued new guidelines that raise the bar for school security: the ICO advises on data protection while Ofsted indicates it will include schools’ e-safety in future inspections.
17.09.12 - US collecting citizens’ data illegally, says whistleblower
The US is collecting huge amounts of data on its citizens, according to former National Security Agency (NSA) official Bill Binney.
17.09.12 - Edinburgh City Council Suffers Security Breach
An unencrypted laptop containing sensitive information on local children was stolen from a consultant's home.
17.09.12 - Cloud uptake rises but security concerns remain
CIF survey showed that, while the rate of adoption has accelerated, concerns over cloud computing security issues remain high.
15.09.12 - Schools to teach children the dangers of Facebook
Teachers will be provided with resources on the potential risks of posting information online and explaining to primary and secondary pupils the rights they have to demand websites delete their data.
13.09.12 - Malware inserted on PC production lines, says study
Cybercriminals have opened a new front in their battle to infect computers with malware - PC production lines.
12.09.12 - The CCTV in your child's school toilet: More than 200 admit using cameras in loos and changing rooms
More than 200 schools are using CCTV cameras in toilets or changing rooms, figures showed today.
12.09.12 - Threat of massive fine over Sheffield council data breach
SHEFFIELD Council could be fined up to half a million pounds for breach of the Data Protection Act after confidential paperwork about mental health patients was found ‘blowing around’ a city centre street.
11.09.12 - ICO fines council £250,000 after paper records dumped in recycling
Scottish Borders Council has been fined £250,000 by the Information Commissioner's Office (ICO) after former employee details were found in a paper recycle bank.
05.09.12 - 10 steps to cyber security
Currently, too few company chief executives and chairs take a direct interest in protecting their businesses from cyber threats.
04.09.12 - IT audit reveals major device loss at Glasgow City Council
Glasgow City Council has lost 750 devices over the last five years according to an IT audit.
04.09.12 - Unapproved applications haunt networks
A third of IT professionals have reported a network infection as a result of an unauthorised application being downloaded on their network.
04.09.12 - Antisec releases over a million Apple #UDID after Java-enabled FBI breach
Over a million Apple Unique Device Identifiers (UDIDs) have been posted online after hackers claimed to have obtained them from an FBI breach.
30.08.12 - UK data breaches up 1000% in five years
Imation today released figures obtained through a request under the Freedom of Information Act which show that data breach numbers in the UK have increased by more than 1000% in the past five years.
30.08.12 - Insider threats evolving, still main risk
Rogue employees are collaborating with third parties to commit cybercrimes, with their key focus shifting from financial thefts to corporate espionage.
30.08.12 - CCTV: Bungling shop thief unstuck by a door
A man from Oxfordshire had to be helped in his escape from the shop he had just robbed by staff who watched him pushing a pull door
22.08.12 - Security Breach Exposes 400 People's Personal Data
"Names, addresses and financial information about people in 'substantial' and 'critical' need of care were sent from the Adults Health and Community Wellbeing Department to a computer outside of County Hall," The Essex Chronicle reports. "A council staff member was sacked following the breach, which was reported to Essex Police and the Government's Information Commissioner."
22.08.12 - French government’s top secret plans detailing how to make their buildings more secure are stolen after Inspector Clouseau-style blunder
Top secret documents containing plans to make French government buildings more secure have been stolen.
21.08.12 - Philips hacked, plaintext passwords revealed as R00tbeer gang strikes again
Sadly, r00tbeer has done it again, this time attacking Dutch technology giant Philips and digging out data from a range of Philips-branded sites.
20.08.12 - ICO to investigate Tesco following data security claims
The Information Commissioner's Office (ICO) is to investigate Tesco after research revealed failings in the retail giant's security.
21.08.12 - McAfee's defected update causes user chaos
McAfee users had their internet access severed and were left exposed to malware after the company issued an anti-virus update containing glitches
20.08.12 - More than 1,000 school application details leaked on the internet
Sensitive personal information about more than 1,000 children has been published on the UK Independent Schools Guide website after an alleged cyber attack.
14.08.12 - ICO data security warning notices increase year on year
The Information Commissioner's Office (ICO) has issued 68 warning notices for data security lapses in the first half of this year, up by 22 from this point last year.
09.08.12 - Information Commissioner's Office offers charities data protection tips
Many charities are struggling to look after sensitive data held on clients.
09.08.12 - SMEs concerned over G-Cloud accreditation delay
The pan-government accreditation process on G-Cloud services for information deemed sensitive is being carried out by IT security arm CESG. No supplier has yet won accreditation for security impact levels above zero.
09.08.12 - Nearly half of firms supporting BYOD report data breaches
Nearly half of enterprises that allow employee-owned devices to connect to a company’s network have experienced a data breach, a study has revealed.
08.08.12 - Google Wallet in the cloud shows ulterior motive
Google's decision last week to put its Google Wallet e-wallet system into the cloud is not sitting comfortably with security experts.
07.08.12 - Devon NHS trust left data of 1,373 staff online for MONTHS - Must cough up £175k
A painful £175,000 fine has been slapped on a health trust in Torquay, Devon, after it published sensitive details of nearly 1,400 employees on its website.
07.08.12 - Survey reveals reality of data encryption in the cloud
Almost two-thirds of businesses that transfer sensitive or confidential data to the cloud believe the provider is responsible for protecting that data
08.08.12 - Apple and Amazon security lapses exposed after writer has 'entire digital life' destroyed by hackers in minutes
A leading tech writer has revealed how easy it was for his ‘entire digital life’ to be destroyed in less than an hour - and how Apple security lapses mean it can happen to you.
06.08.12 - Online gambling industry 'ignores' data protection and privacy laws
Simon Davies, founder of Privacy International, has blasted the online gaming industry for inadequately protecting gamblers' privacy and failing to adhere to basic principles of data protection.
02.08.12 - Lancashire bar owner prosecuted for failing to register CCTV equipment
A Lancashire bar owner has been prosecuted by the Information Commissioner’s Office (ICO) for failing to register his premises’ use of CCTV equipment.
02.08.12 - Islington Council accidentally leaks data after posting information to My Society website
Islington Council experiences a data leak, with sensitive information about residents posted online for two weeks.
02.08.12 - Unencrypted computer with patient information stolen from CT hospital
An laptop computer stolen from a business associated with Hartford Hospital and its sister home-health care group contains personal information of nearly 10,000 patients, the hospital said Monday.
01.08.12 - Dropbox gets hacked ... again
After last year's embarrassing data breaches, Dropbox promised to implement additional safeguards "to prevent this from happening again." Whoops, it just happened again.
27.08.12 - Google admits to ICO it still has some UK Wi-Fi data
Google has admitted to the Information Commisioner's Office that it failed to delete all the Wi-Fi data collected by its Street View vehicles.
27.08.12 - NatWest blames hardware failure for latest outage
NatWest has admitted the outage it suffered on Thursday 26 July was down caused by a hardware failure in one of its datacentres.
25.07.12 - Council ordered to stop unlawful recording of taxi passengers’ conversations
Southampton City Council has been ordered to stop the mandatory recording of passengers’ and drivers’ conversations in the city’s taxis, the Information Commissioner’s Office (ICO) announced today.
24.07.12 - Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach
Call it a slow leak. Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users’ credentials, more than 8 million usernames, emails and and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList.
23.07.12 - Former government deputy CIO slams UK cyber security
Former government deputy CIO Bill McCluggage has hit out at the way the government approaches cyber security, describing the pace of change as "glacial".
23.07.12 - Organisation apologises after confidential files found
The Information Commissioner's office says it has been informed about the serious data protection breach involving a helpline charity in Derry.
23.07.12 - Security outsourcing: anything to learn from the G4S experience?
Recent events with G4S and LOCOG/the government’s procurement of security for the Olympics will clearly not be leaving the headlines any time soon. Indeed you could be forgiven for thinking this was a security event, not a sporting one. Is there anything to be learnt from the Olympic security outsourcing? A good place to start would be to understand how organisations source physical security.
20.07.12 - Council could face prosecution after social work laptops containing children's data is stolen in raid
LAPTOPS containing highly sensitive personal data involving children have been stolen from a council social work base
18.07.12 - Tech firm iCity wins datacentre bid for Olympics media centre
IT company iCity has been selected as preferred bidder to turn the Olympics media centre into a datacentre.
18.07.12 - Closure of forensic archive a 'shambles', experts warn
The closure of the forensic science archive in England and Wales will cause miscarriages of justice and stop police solving crimes, senior politicians, scientists and lawyers have warned.
16.07.12 - 50% Job leavers steal confidential company data
New details from Iron Mountain show the extent to which employees leaving employment will take confidential company data with them when they go.
16.07.12 - ICO fines NHS trust after personal details were sent to old address
A monetary penalty of £60,000 has been issued to St George's Healthcare NHS Trust in London after sensitive medical details were sent to the wrong address.
16.07.12 - Yahoo! fixes vulnerability that led to password breach and apologises to users
Yahoo! has said that it has fixed the vulnerability that led to around 400,000 user email addresses and passwords being compromised.
13.07.12 - Credit card details openly available on Google
Customer databases that include credit card numbers can be found by searching on Google.
13.07.12 - Mobile phone users sorely mistaken about how much privacy they have
Resounding "no" to data collection in theory, even if it's a "yes" in practice.
12.07.12 - Yahoo! hack! leaks! 453,000! unencrypted passwords!
A Yahoo! service has apparently succumbed to a simple database attack that leaked 453,000 unencrypted account passwords online.
10.07.12 - Brits are Europe's most worried about shopping online
More than half of UK citizens are worried about the security of online payments mechanisms, making the UK the least confident European country about payments security, according to the European Commission
09.07.12 - Google hired former UK data privacy official
Google UK's privacy policy manager held a senior role at the UK's data privacy watchdog during the time of its original probe into Street View
06.07.12 - Google Android smartphones hijacked by spam botnet
Smartphones running Google's Android operating system (OS) have been hijacked by a botnet, according to a Microsoft researcher.
05.07.12 - ICO shows its teeth, as the public’s concern over illegal marketing calls grows
Organisations are learning the hard way of the consequences of mishandling people’s information – and others need to heed the lessons the Information Commissioner, Christopher Graham, warned today at the launch of the ICO’s 2011/12 annual report.
05.07.12 - Cancer patients 'may have suffered' as records lost
Cancer patients may have died or suffered complications after a leading hospital lost their medical records and then played down the risk of them missing life-saving treatment, it has been alleged.
04.07.12 - SC Total Security Conference: ICO talks about need for encryption
The Information Commissioner's Office (ICO) has talked about the need for encryption to be used efficiently and for businesses to be aware of their dataset.
03.07.12 - Baltic cyber bank burglars cop hefty porridge spell
A trio of cybercrooks that used malware to carry out electronic banking fraud have been jailed.
03.07.12 - West Mercia Police employee suspended in data breach probe
A police staff member has been suspended pending inquiries into a possible Data Protection Act breach.
03.07.12 Facebook 'Fiasco worse than thought'
Remember when Facebook changed all of our default email accounts to their own, unused system, without informing any of us? That was fun! But it looks like the problem could be much wider and more damaging than it first seemed.
03.07.12 - Analysis: Businesses are not securing virtual environments. Why?
IT often virtualises new applications and workloads by default. Virtualisation is now the norm, deploying a physical server the exception. Yet, a third of companies admit they have not invested in security for their virtual computing environments. Why not?
29.06.12 - Network security: Is new technology bypassing traditional controls?
Network security controls and practices are among the most mature, but can businesses be sure that some network traffic is not sneaking past traditional controls, especially with the recent proliferation of new mobile wireless and other IP-enabled devices?
29.06.12 - FTC sues Wyndham Worldwide hotel group over data breaches
The US Federal Trade Commission (FTC) has filed a complaint against hotel group Wyndham Worldwide and three subsidiaries for claims that it failed to secure customer data.
29.06.12 - Police outsourcing proposed for East of England forces
Police from three counties in the East of England have been given the go-ahead to investigate outsourcing "backroom" services to tackle a £73m funding gap.
28.06.12 - How UK banks are flirting with IT disaster
NEWS The systems meltdown that hit NatWest customers is an accident waiting to happen to many UK banks, analysts have warned, as financial institutions try to balance cost-cutting with the need to modernise their IT.
27.06.12 - RBS set to sue supplier CA Technologies for software failure
RBS is said to be considering legal action against CA Technologies, following the debacle of the past week which left millions of customers unable to access their funds.
27.06.12 - 'Inexperienced' RBS tech operative's blunder led to banking meltdown -Hyderabad job ad shows outsourcing in CA-7 team
Exclusive A serious error committed by an "inexperienced operative" caused the IT meltdown which crippled the RBS banks last week, a source familiar with the matter has told The Register. Job adverts show that at least some of the team responsible for the blunder were recruited earlier this year in India following IT job cuts at RBS in the UK.
27.06.12 - Six arrested in the UK in worldwide FBI-led credit card data sting
Law enforcement officers have arrested six people in the UK and 12 in the US in an FBI-led sting operation that netted a total of 24 credit card cyber fraudsters in 13 countries.
27.06.12 - Confidential documents left by garden gate
The prison service says an investigation is underway after a woman from Northamptonshire found confidential records on inmates and criminal cases dumped by her garden gate.
26.06.12 - MI5 fighting 'astonishing' level of cyber-attacks
MI5 is working to counter "astonishing" levels of cyber-attacks on UK industry, the organisation's chief has said.
25.06.12 - Menshn dismiss claims of major security flaws
The social network ‘Menshn' has been reported to have been rife with security flaws and ‘is being exploited left right and centre'.
22.06.12 - Twitter blames cascading bug, rather than hackers, for yesterday's outage
Twitter has said that a ‘cascading bug' was responsible for a service outage yesterday afternoon and not a cyber attack.
22.06.12 - PayPal to offer financial rewards through bug bounty program
PayPal is to update its bug bounty programme, with financial rewards offered for the severity of the flaw.
19.06.12 - Belfast Trust fined £225,000 after leaving thousands of patient records in disused hospital
Belfast Health and Social Care (BHSC) Trust has been served with a Civil Monetary Penalty (CMP) of £225,000 following a serious breach of the Data Protection Act (DPA), the Information Commissioner’s Office (ICO) said today.
13.06.12 - ICO re-opens Google Street View Wi-Fi data investigation
The UK's Information Commissioner's Office is to re-open its investigation into the collection of Wi-Fi data by Google's Street View vehicles as they collected images for Google Maps.
13.06.12 - Merchant Information May Have Been Stolen From Global Payments
Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments.
12.06.12 - Laptop with bank details stolen
A council is having to write to almost 38,000 customers after a laptop containing personal data, including bank account details, was stolen during an office break-in.
12.06.12 - Dumfries and Galloway Council makes childminder data apology
A council has apologised "unreservedly" after details of thousands of childminders were "inadvertently" sent to a number of childcare providers.
07.06.12 - Facebook to release ID of users who abused woman online
A woman who was abused on the internet has won court backing in her bid to gain the identities of those who targeted her.
06.06.12 - Former MI5 boss loses laptop
The former boss of the UK's MI5 security service has caused a security scare by losing her laptop at Heathrow.
06.06.12 - ICO issues £90,000 fine to council for two incidents of personal information disclosure
The Information Commissioner's Office (ICO) has issued a monetary fine of £90,000 to Telford and Wrekin Council after two incidents of sending sensitive information to the wrong recipient.
01.06.12 - ICO hits NHS Trust with biggest penalty to date
The Brighton and Sussex University Hospitals NHS Trust has been hit with £325,000 monetary penalty for breaching the Data Protection Act.
31.05.12 - London Internet Exchange hit by suspected DDoS attack
The London Internet Exchange (LINX) has been hit by a large scale outage that many observers are blaming on a possible distributed denial of service (DDoS) attack.
28.05.12 - Flame: Massive cyber-attack discovered, researchers say
A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said.
16.05.12 - Council fined £70,000 for losing highly sensitive data
The London Borough of Barnet has been issued with a penalty of £70,000 for losing paper records containing highly sensitive and confidential information, including the names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people.
15.05.12 - Watching the Detectives: Reporter Feature
The phonehacking scandal has recently thrown into sharp focus the murky underworld of private detectives and their ability to unearth the secrets on the rich and famous. But the black market in private information isnt restricted to celebrities.
15.05.12 - Debit card fraud linked to Global Payments breach
Debit cards affected by the Global Payments incident have reportedly been used by fraudsters.
15.05.12 - Surveillance of personal mobile comms is no big deal for telcos
Requests for the collection of personal data should not prove to be a challenge for telecommunication companies.
14.05.12 - Trade in sensitive personal data uncovered by secret investigation
C4's Dispatches records private investigator selling bank details and criminal and medical records to reporters
03.05.12 - Soca attack: Serious Organised Crime Agency site taken down
The website of the UK's Serious Organised Crime Agency (Soca) has been taken offline following a cyber attack.
03.05.12 -UK prepared for Olympic cyber attack, says minister
The 2012 Olympics in London will not be immune to cyber attacks by those who would seek to disrupt the Games, says Cabinet Office minister Francis Maude.
03.05.12 - GP record data to be released in September
GP record information will be opened up in the next six months as part of the Department of Health’s plan to release healthcare data.
01.05.12 - Government data sharing plans may breach Data Protection Act
Cabinet Office plans to increase data sharing among government departments and other public-sector bodies will require a new "consent exemption" to legalise the sharing of sensitive personal data.
30.04.12 - ICO issues £70,000 fine to Aneurin Bevan Health Board
The Aneurin Bevan Health Board (ABHB) has been served a monetary penalty by the Information Commissioner's Office (ICO).
27.04.12 - SOCA co-ordinates takedown of carder site network
The UK's Serious Organised Crime Agency (SOCA) has taken down 36 website domains used to sell compromised payment card data and online bank account details.
26.04.12 - Infosec 2012: Unscrubbed hard drives a threat to business, says ICO
Unscrubbed hard drives on computers that are decommissioned and sold on represent a significant risk to business, according to the ICO.
24.04.12 - Infosec 2012: Record security breaches cost UK firms billions
UK firms are suffering a record number of security breaches, costing billions of pounds a year, a survey of more than 400 businesses shows.
24.04.12 - Willets: Cyber security not 'solely military issue'
The minister for cyber security claims the UK differs from the world on its approach to cyber crime. Cyber security is not just an issue for the military to face, but one for both the public and private sector to work on together.
24.04.12 - London Marathon: Runners' details accidentally shared
The home and email addresses of the 38,000 entrants to the London Marathon were accidentally published on the organisers' website, the BBC has discovered.
18.04.12 - Businesses unlikely to comply with 24-hour breach notification
Only one in ten UK businesses would be able to comply with the proposed European Commission ruling on reporting data losses within 24 hours
18.04.12 - Large organisations' security breaches blamed on poor policies
A lack of decent security on mobile devices and tablets has led to 82 per cent of large organisations reporting security breaches.
17.04.12 - Online security flaw leads to data breach at Toshiba
Toshiba Information Systems (UK) have breached the Data Protection Act (DPA) after the personal details of 20 competition entrants were compromised by a security flaw on their website, the Information Commissioner’s Office (ICO) said today.
16.04.12 - NHS trust reports losses of unencrypted USB sticks
South London Healthcare NHS Trust has reported the loss of two unencrypted memory sticks among a series of data losses.
11.04.12 - Security Breach at Architecture Icon
How is it then that Europe’s most famous to-be-completed building could be broken into? And more importantly, what does this mean for security on everyday architectural projects worldwide
02.04.12 - Visa drops Global Payments after hackers compromise 1.5m accounts
Visa has dropped its seal of approval for credit and debit card processor Global Payments in the wake of a data breach involving 1.5 million accounts.
30.03.12 - Company directors use council employee to illegally access tenants’ details
A Slough letting agent and one of its directors who unlawfully obtained details about their tenants from a rogue employee at Slough Borough Council have been found guilty of committing offences under Section 55 of the Data Protection Act 1998 (DPA).
28.03.12 - Online crime is organised, with groups often less than six months old
More than three-quarters of digital crime comes from organised activity. According to research by BAE Systems Detica and The John Grieve Centre, at least 80 per cent of digital crime stems from six types of organised groups, and nearly half (43 per cent) of organised digital crime group members are over 35 years of age.
28.03.12 - Financial services remains the biggest victim of cyber crime
According to PwC's global economic crime survey, 45 per cent of financial services organisations have suffered fraud in the past 12 months, in comparison with 30 per cent of those in other industries. Also, cyber crime accounted for 38 per cent of economic crime, compared with 16 per cent of crime in other industries.
27.03.12 - Schools survey reveals truth about encryption and stolen devices
UK schools, colleges and universities have not encrypted their laptops as they face the reality of device theft.
27.03.12 - Details of 170,000 military singles dumped online 'by LulzSec Reborn'
A hacking group calling itself 'LulzSec Reborn' has posted 170,937 names, usernames, passwords and email addresses of a military dating site's members.
27.03.12 - Warwickshire-based company to revamp data protection following breach
A Warwickshire-based company has committed to taking action to protect personal data, following a breach of the Data Protection Act (DPA). The breach occurred when a system used by Pharmacyrepublic Limited to record the medication handed out to around 2,000 patients was stolen from one of its premises, the Information Commissioner’s Office (ICO) said.
26.03.12 - Executives using public cloud to dodge IT rules
Three-quarters of senior executives think the public cloud is a way to get the IT they need without having to adhere to IT policy, according to research. Furthermore, almost 60% of companies are already bypassing IT to use public cloud services.
23.03.12 - Millions of Barclays card users exposed to fraud.
Barclays customers using contactless bank cards could have their data stolen without even knowing through readers in new mobile phones, Channel 4 News can exclusively reveal.
23.03.12 - Ex-Hertfordshire constable Adrian Moir fined over data breach
A former constable from Hertfordshire has been fined after using police systems to access information about his friends.
22.03.12 - Data breaches rocket, as Verizon report highlights tardy detection
The number of breached records increased from four million to 174 million in a year, with 97 per cent of them described as "avoidable".
21.03.12 - Student Loans Company leaks 8,000 students' e-mail addresses
Student e-mail addresses have been released by the Student Loans Company, a division of the government's Department for Business, Innovation and Skills.
20.03.12 - Indian call centre staff 'selling confidential personal data'
Media reports have disclosed that call centre staff have sold credit-card details and patient records to third parties.
20.03.12 - Email the preferred method of sending large files for UK businesses
More than two-thirds of businesses continue to use email as their main method to send and exchange large files and sensitive data.
20.03.12 - Per-record data breach cost rises
The cost to organisations of a data breach is now £79 per record, a rise of £8 in a year.
20.03.12 - Data security and the public sector: it never rains but it pours
On the face of it, you might be tempted to say that the public sector gets more than its fair share of data breaches, and following the spate of fines from the Information Commissioner's Office (ICO) this month, there is clearly an issue here
20.03.12 - Cost of data breaches outstripping inflation
The average cost to UK business per record lost, according to the latest Symantec/Ponemon study, has increased from £47 in 2007 to £79 in 2011. Had it been inflation alone, it would have increased to just over £53.
13.03.12 - McDonald's employee skimmed customer payment cards for three weeks
A McDonald's employee used a handheld skimming device for three weeks to collect "approximately 282" card numbers.
09.03.12 - Scottish charity signs ICO undertaking following personal data theft
A Scottish charity - based in Glasgow - breached the Data Protection Act after two unencrypted memory sticks and papers containing the personal details of up to 101 individuals were stolen from an employee’s home.
06.03.12 - Security breach over Belfast City Council details
Belfast City Council has said an investigation has been launched after personal details of councillors were given to a member of the public
05.03.12 - Investigation reveals free Android apps pass personal data to third parties
Android applications are sharing users' personal data without their knowledge
01.03.12 - One member of staff sacked and another reprimanded after data breaches at Northampton General Hospital
ONE member of staff was sacked and another severely reprimanded for accessing details of Northampton General Hospital patients they were not treating, a new report reveals
01.03.12 - University published personal data in online training manual
Durham University breached the Data Protection Act after disclosing personal information in training materials published on its website, the Information Commissioner’s Office (ICO) said today.
20.02.12 - Encrypted data was hacked in Valve attack
An attack on the distribution network of gaming firm Valve has revealed that encrypted credit card transaction data was hacked from a backup database.
20.02.12 - Analysis: ICO focus on public sector: Is that about to change?
The Information Commissioner’s Office has submitted a business case to the government for extending its powers to carry out compulsory audits. Does this mean the ICO is finally planning to tackle data protection failures in the private sector with the same vigour as it has in the public sector?
17.02.12 - USB stick with 'nuclear power station stress assessment' lost
A USB stick that contained details of a stress test at Hartlepool's nuclear power station has been lost by a government inspector
13.02.12 - Eircom slammed for laptop and data loss
Irish Data Protection Commissioner Billy Hawkes has called the loss of Eircom's laptops "one of the most serious breaches" his office has seen.
10.02.12 - PCI council announces credential plans and new chairperson
The PCI Security Standards Council is planning to introduce a certification that demonstrates a company is qualified for assessment.
08.02.12 - Lost USB stick contained details of more than 1,000 school children
The details of more than 1,000 school pupils were lost when a USB stick was misplaced by a member of East Lothian Council.
08.02.12 - More than three-quarters of UK employees 'unaware of EC data protection changes'
Two-thirds of UK employees would read an email that was not intended for them, as research finds that three-quarters are unaware of proposed changes to the Data Protection Directive.
03.02.12 - Financial company loses over 600 customers’ details
A financial services company with operations in the UK, USA and Middle East breached the Data Protection Act by losing over 600 customers’ personal details, the Information Commissioner’s Office (ICO) said today.
02.02.12 - Met Police admits victims' email address sharing error
Scotland Yard has admitted inadvertently sharing the email addresses of more than 1,000 victims of crime with other victims.
30.01.12 - Midlothian Council handed penalty for five serious data breaches
The Information Commissioner’s Office (ICO) has imposed a monetary penalty of £140,000 on Midlothian Council for disclosing sensitive personal data relating to children and their carers to the wrong recipients on five separate occasions. The penalty is the first that the ICO has served against an organisation in Scotland.
27.01.12 - ICO calls for rethink on Data Protection Directive changes
The Information Commissioner's Office (ICO) has broadly welcomed the upcoming changes to the Data Protection Directive this week, but called some areas "unnecessarily and unhelpfully over-prescriptive".
27.01.12 - ICO: consumers often denied right to their information
Consumers are being denied the right to access the information that companies or public bodies hold about them, according to the Information Commissioner, Christopher Graham
26.01.12 - Leveson Inquiry hears data laws 'breached every day'
Data protection laws covering illegally obtaining or using personal information are being breached every day, the Leveson Inquiry has heard.
25.01.12 - Businesses will have to report major data breaches within 24 hours under new EC law
Businesses across the European Union (EU) will have to report ‘major' data breaches within 24 hours.
24.01.12 - Government CIO unveiled as part of C-level changes
Andy Nelson has been announced as the new chief information officer (CIO) of central government.
23.01.12 - EU proposes 'right to be forgotten' by internet firms
A new law promising internet users the "right to be forgotten" will be proposed by the European Commission on Wednesday
18.01.12 - Action taken after care provider lost unencrypted memory stick
A care provider with offices in Northern Ireland and the Isle of Man has taken action to improve its data protection practices following a joint ruling by the Information Commissioner’s Office (ICO) and the Office of the Data Protection Supervisor (ODPS) for the Isle of Man
17.01.12 - London 2012 Olympics security plans left on train
The Metropolitan Police claim that the £1 billion security operation for the London 2012 Olympic Games has not been compromised despite confidential anti-terrorism documents being left on a train
15.01.12 - Zappos Says Hackers Accessed 24 Million Customers' Account Details
Twenty-four million Zappos customers are getting an unpleasant Sunday-evening surprise.
13.01.12 - NHS fined £375k after stolen patient data flogged on eBay. Hospital bosses appeal against ICO's stiffest punishment yet
The Information Commissioner is proposing to issue its heaviest ever fine for a breach of UK data protection laws. It proposes fining a health body after patient records were stolen from a hospital and sold on eBay.
12.01.12 - Health worker convicted of obtaining patient details unlawfully
A former health worker has pleaded guilty to unlawfully obtaining patient information by accessing the medical records of five members of her ex-husband’s family in order to obtain their new telephone numbers.
12.01.12 - Malicious URLs being disguised by QR codes
Spam mails are beginning to hide their links in embedded Quick Response (QR) codes, showing a clear movement towards spammers targeting mobile technology
12.01.12 - Stratfor CEO admits credit card data was unencrypted and expects to be attacked again
Stratfor relaunched its website last night with its founder and CEO acknowledging its security failures but boldly saying that "the attempt to silence us failed".
12.01.12 - Has India got backdoors into Rim, Nokia and Apple? Probably
Symantec ‘source’ code wasn’t the only thing stolen in the recent hack of the Indian Military by the team calling itself The Lords of Dharmaraja. There’s a memo supposedly indicating that at least Blackberry, Nokia and Apple have provided backdoors into their systems in exchange for access to the Indian market
09.01.12 - Stratfor data dump contained British military and political user passwords
09.01.2012 - The passwords of British defence, intelligence and police officials were among those posted online following the Stratfor attack.
06.01.12 - Ramnit worm steals 45,000 Facebook passwords
A computer worm has begun targeting Facebook accounts and has stolen at least 45,000 login credentials from users, say security researchers.
06.01.12 - The Cattles Group loses 1.4m customer records
The Cattles financial services group has admitted losing unencrypted computer backup tapes containing personal details of 1.4 million customers.
04.01.12 - Hackers expose 15,000 Israeli credit card details
Hackers have exposed the details of 15,000 credit cards after breaking into the companies responsible for maintaining the information.
03.01.12 - Subway hackers used freely available tools and sold data via a file transfer site
The tools used in the Subway card skimming operation are widely available on the internet for anyone willing to take the risks.
22.12.11 - Facebook ordered to boost privacy after critical audit
Facebook has agreed to a series of privacy improvements for millions of its users, including changes to how it retains data, following a critical audit of its operations outside the US by Irish authorities.
21.12.11 - Security bug in Windows 7 detected
A researcher has posted on Twitter about a Windows vulnerability that can be exploited through Apple's Safari browser
21.12.11 - Companies struggle to comply with PCI DSS standard, Gartner finds
Close to one-fifth of companies that should be compliant with the Payment Card Industry Data Security Standard (PCI DSS) are not, according to surveys conducted by research firm Gartner.
21.12.11 - Atos to provide £8m GP data mining system
IT services company Atos has won an £8m five-year contract to provide a computer system that will retrieve patient information across GP practices.
21.12.11 - FTC Fines Santa Claus for Violating Children's Privacy
WASHINGTON -- Federal Trade Commission Chairman Jon Leibowitz today announced a record fine against Santa Claus for violations of the Children's Online Privacy Protection Act.
19.12.11 - ICO: texts and private email subject to FOI
Public sector employees who text on a private device for work purposes are subject to freedom of information requests, according to guidance published by UK data authority the Information Commissioner's Office.
19.12.11 - Computer hackers used by press claims ex-policeman
"There were very few stories, about one per cent, that didn't involve some form of illicit mining of confidential information, breaching the Data Protection Act... nothing was a barrier."
16.12.11 - Visa investigates security breach
Credit card firm Visa is investigating reports of a security breach at a European payment processor, with cardholders in eastern Europe potentially affected.
16.12.11 - Receptionist unlawfully accessed sister-in-law’s medical details
A receptionist who unlawfully obtained her sister-in-law’s medical records in order to find out about the medication she was taking has been found guilty of an offence under section 55 of the Data Protection Act.
15.12.11 - Visa says European card processor notified about database security breach
Payment processing company Visa has received notification of a possible security breach in the database of a processor in Europe, according to Catalin Cretu, the general manager of Visa Europe for Romania. The statement came soon after Romanian bank CEC Bank blocked 17,000 cards on suspicions of a security breach.
15.12.11 - ICO clarifies law on information held in private email accounts
The Information Commissioner’s Office (ICO) has today published new guidance making it clear that information concerning official business held in private email accounts is subject to the Freedom of Information Act.
15.12.11 - ENISA considers 'cyber security month'
The European Network and Information Security Agency (ENISA) is touting the idea of a 'European Cyber Security Month' to raise awareness of risks and best practices across member states.
14.12.11 - ICO claims websites must try harder on cookie compliance - and encourages looking at other sites for guidance
Websites have been ordered to ‘try harder' by the Information Commissioner's Office when it comes to new laws on cookies
ICO blog: half term report on cookies compliance
Back in May this year, we published advice on how to comply with the revised cookie rule. The rule had just been implemented as part of the review of the ePrivacy Directive. In the advice, we set out what the law said, what it required and what it means for those who have to comply.
13.12.11 - European data watchdog rejects passenger data arrangements with US
Europe's data watchdog has raised “a number of concerns” over the controversial data sharing arrangement between the EU and the US over passenger information.
13.12.11 - FBI says hackers hit key services in three US cities
The infrastructure systems of three US cities have been attacked, according to the Federal Bureau of Investigation.
12.12.1 - Privileged user management causing confidential details to be viewed
New research has found that increased threats to sensitive and confidential workplace data are created by a lack of control and oversight of privileged users
12.12.11 - Protecting business information: necessary steps to be taken
There are legal and practical steps you can take to protect your business information, both while employees are with you and when they leave to work for a competitor.
09.12.11 - Facebook's security glitch
Facebook founder Mark Zuckerberg's private photos were published online after a group found a security glitch on the social network.
09.12.11 - Telstra shutters customer self-service site after security blunder - Passwords? We’ve heard of them
Telstra’s customer self-service site has had to be shut down after it sprayed sensitive customer data to the world at large.
09.12.11 - Leaked EU data protection draft SHALL. NOT. PASS. Doubtful Commission's proposals will be enacted in this form
Analysis The first impression of this leaked text is that this version of the Regulation is more prescriptive than Directive 95/46/EC and will get up most data controllers and governmental noses.
07.12.11 - 30-something men most likely to steal company secrets
The typical profile of an insider likely to be a threat to an organisation's intellectual property is 37 years old, male and probably a programmer, engineer or manager. Read more: http://www.computing.co.uk/ctg/news/2130923/-steal-company-secrets#ixzz1gPG6EoKo Computing - Insight for IT leaders Claim your free subscription today.
06.12.11 - Targeted attacks increase four-fold in 2011
The amount of targeted attacks has increased by four times over the course of 2011.
06.12.11 - Powys County Council fined £130,000 for disclosing child protection case details
The Information Commissioner's Office (ICO) has today served a monetary penalty of £130,000 to Powys County Council for a serious breach of the Data Protection Act where the details of a child protection case were sent to the wrong recipient. The penalty is the highest that the ICO has served since it received the power in April 2010 and follows a less serious, but similar incident, which was reported by the council to the ICO in June last year.
05.12.11 - One in four IT security staff abuse admin rights, survey shows
At least one in four IT security staff use their privileged login rights to look at confidential information, a survey has revealed.
04.12.11 - Patients' NHS records could be shared with private firms
Healthcare companies could be given access to anonymous NHS patient records and other NHS data under new plans.
02.12.11 - Estate agent prosecuted for offence under the Data Protection Act
An estate agent yesterday pleaded guilty to the offence of failing to notify the Information Commissioner’s Office (ICO) that his business processes personal data.
01.12.11 - GCHQ challenges codebreakers via social networks
UK intelligence agency GCHQ has launched a code-cracking competition to help attract new talent.
30.11.11 - UK still slow on USB security
Employees are putting organisations' sensitive data at risk.
29.11.11 - Why is data protection not a priority for small businesses?
Small business disaster can strike at any moment, from a computer virus to a flood, fire or theft.
28.11.11 - Two county councils fined by ICO over 'serious email errors'
The Information Commissioner's Office (ICO) has served fines to North Somerset Council and Worcestershire County Council for ‘serious email errors'.
28.11.11 - Hacking of Maple Story could leave 13 million gamers at risk
Up to 13 million gamers could be put at risk after Nexon confirmed that names, usernames, encrypted resident registration numbers and passwords had been hacked.
25.11.11 - UK cyber security strategy due to be unveiled
The government will reveal its plan to tackle cyber crime later, including using the intelligence agency GCHQ to help the private sector protect itself.
25.11.11 - ICO asks public to Tell Me More about what information should be proactively released
The Information Commissioner’s Office (ICO) today launched a consumer campaign aimed at getting the public to offer their views about what information public authorities should proactively release.
23.11.11 - Personal data 'lost by 132 councils'
Private data has been lost by or stolen from UK local councils more than 1,000 times since 2008, a report says
23.11.11 - Investigation reveals extent of data loss in the public sector
There have been more than 1,000 incidents of data loss in the past three years in the public sector.
22.11.11 - Southwark Council rapped for leaving sensitive documents and computer in vacated office
A computer and papers containing the personal information of 7,200 people were discovered in a skip earlier this year, according to the Information Commissioner's Office (ICO).
22.11.11 - UK banks set for cyber security 'stress test'
British banks are to take part in a cyber attack exercise designed to test their response to a collapse of telecoms, internet and other systems.
17.11.11 - Scottish lawyer has unencrypted laptop stolen during holiday
A laptop belonging to a Scottish QC was stolen from her home
15.11.11 - Letwin signs commitment to keep personal details secure
Oliver Letwin must ensure that he keeps personal information secure or face formal enforcement action, the Information Commissioner has said. Christopher Graham today announced that the West Dorset MP’s disposal of constituency paperwork in public bins constituted a breach of the Data Protection Act.
14.11.11 - Information security will play a key part in enhancing the UK's economic prosperity
Speaking at the IISP's 5th annual general meeting, GCHQ director general for government and cyber security Jonathan Hoyle said that effective information security, underpinned by professionalisation and the continued growth of cyber skills in academia, will be a cornerstone for achieving success in this challenging technological environment.
11.11.11 - Former GCHQ director claims security ignorance is holding back business
A lack of understanding of cyber security issues is holding business leaders back from forming a sufficient strategy against cyber crime.
11.11.11 - Government criticised for lack of leadership on Big Data
The problem of 'big data' can be solved providing the right techniques are used to manage and search the 'digital landfill'
11.11.11 - Valve's online game service Steam hit by hackers
The Steam video game service, used by 35 million people, has been compromised by hackers. Its owner and operator, Valve, uncovered an intrusion into a user database while investigating a security breach of its discussion forums.
10.11.11 - Gambling worker guilty of selling 65,000 bingo players’ details
A former gambling industry worker who unlawfully obtained and sold personal data relating to over 65,000 online bingo players has been found guilty of committing three offences under section 55 of the Data Protection Act.
08.11.11 - Security patches for your people
If there's one thing the big security breaches of the past few years have taught us, it's that employees are just as critical to network security as the technology.
07.11.11 - Computing Which? says a fifth of members have fallen victim to internet scams
According to the latest issue of Computing Which?, a surprising number of people are being taken in by fake technical support claims, scareware and social networking scams
07.11.11 - Adidas takes down websites after cyber attack
Adidas has taken down its websites after suffering a 'sophisticated, criminal cyber attack'.
04.11.11 - Vince Cable sorry for confidential letters left in bins
Vince Cable has apologised "unreservedly" after confidential documents were discovered in bins left outside his constituency office.
03.11.11 - Council lost memory stick containing 18,000 residents’ details
Rochdale Metropolitan Borough Council breached the Data Protection Act by losing an unencrypted memory stick containing the details of over 18,000 residents, the Information Commissioner’s Office (ICO) said today. The ICO has required the council to put changes in place and will check to ensure the improvements have been made.
31.10.11 - Nearly A Third Of Execs Say Rogue Mobile Devices Are Linked To Their Networks
Eighty-seven percent feel their organizations are at risk of attack via a mobile security lapse
31.10.11 - Researcher finds way to send executable file on Facebook
Researchers have discovered a way to evade Facebook security controls to deliver a message on the social networking site that contains an executable file
31.10.11 - Facebook admits to 600,000 cyber attacks a day
Facebook has revealed that every 24 hours it receives around 600,000 logins to the social networking website from impostors attempting to access users' messages, photos and other personal information
31.10.11 - UK security strategy draws on growing expertise across Whitehall
The UK's soon-to-be-released cyber security strategy includes input from policy makers across government, says Nigel Harrison of the Office of Cyber Security and Information Assurance (OCSIA).
28.10.11 - Youth offenders’ details lost on unencrypted laptop
Newcastle Youth Offending Team breached the Data Protection Act by failing to encrypt a laptop containing personal data which was later stolen, the Information Commissioner’s Office (ICO) said today
28.10.11 - Coventry University opens hacking research lab
A new laboratory dedicated to researching cyber crime is due to open at Coventry University later.
27.10.11 - Patients’ details binned on two occasions
University Hospitals Coventry & Warwickshire NHS Trust breached the Data Protection Act by losing patients’ medical information on two separate occasions, the Information Commissioner’s Office (ICO) said today
26.10.11 - MPs call for tougher personal data abuse laws
Courts should have the power to jail people who breach the Data Protection Act, MPs on the justice select committee have said.
24.10.11 - Hackers cost UK economy billions every year, says head of military cyber security
Hacking by foreign governments and businesses costs the UK economy billions of pounds, according to the head of the British military's cyber security programme.
21.10.11 - Data protection confidence falling as data breaches increase, says ICO
Public confidence in organisations to keep personal data safe continues to decline, despite increased awareness by business of data protection obligations, says the Information Commissioner's Office (ICO).
21.10.11 - Businesses ‘waking up’ to data protection responsibilities
Businesses may be ‘waking up’ to their obligations under the Data Protection Act (DPA) but public confidence in how personal information is being handled continues to decline, the Information Commissioner’s Office (ICO) said today.
21.10.11 - The public trust government most with its data, but majority have not heard of the ICO
The UK government is more trusted than banks, social networks and the NHS when it comes to keeping data safe
21.10.11 - Many UK organisations still failing on the basics of data protection, says ICO
The Information Commissioner's Office (ICO) has imposed only six monetary penalties against organisations for data breaches since gaining the power in April 2010, says deputy commissioner David Smith.
19.10.11 - Housing group emailed workers’ details to wrong address
A private housing group based in Dorset breached the Data Protection Act by sending the personal data of 200 employees to the wrong email address, the Information Commissioner’s Office (ICO) said today
17.10.11 - Inside and out - understanding the data threats that can affect businesses
As more high-profile data-theft stories continue to dominate the news, organisations are increasingly under pressure to have a clear understanding of their data and how it can be accessed.
17.10.11 - IT professionals focus on compliance as a means to become secure
A fifth of IT professionals have admitted that they may not cope with the consequences of a major security breach
14.10.11 - Oliver Letwin dumps documents in park bins
Cabinet Office minister Oliver Letwin has admitted dumping government documents in park bins near No 10.
14.10.11 - Blackberry downtime caused by business continuity failure
According to RIM the downtime was the result of the failure of a core network switch and then the failure of business continuity processes which were meant to kick-in.
13.10.11 - Most patients believe NHS data breaches should result in sackings
NHS patients believe that hospital chief executives and management should be held accountable for healthcare privacy protection and breaches
12.10.11- Sony locks 93,000 user accounts after breach
Sony has confirmed that a fresh attack on its networks has impacted 93,000 accounts.
11.10.11 - Facebook app for iPad 'riddled with bugs'
Just hours after Facebook's release of its long-awaited iPad app, users have started reporting bugs.
11.10.11 - Businesses flout PCI storage and monitoring standards
Most businesses are still failing to comply with payment card security standards
06.10.11 - Dartford and Gravesham NHS Trust destroyed patient data
An NHS trust in Kent accidentally destroyed 10,000 archived records and failed to realise its mistake for three months, it has been revealed
06.10.11 - School and union's Data Protection Act breach 'inexcusable'
The Information Commissioner's Office (ICO) has reported that a school and a school union breached the Data Protection Act following the loss of laptops.
06.10.11 - ICO: NHS data security breaches are just 'plain daft'
As bad as gossiping about patients down the pub, says watchdog
03.10.11 - Betfair is in for a rough ride over data theft
Among 13 pages of risk factors was the generic heading: "Failure to adequately protect customer account information could have a material adverse effect on Betfair."
03.10.11 - Victims in the dark after hospital loses unencrypted USB stick
A lost USB stick contained the medical details of 800 people in Surrey.
30.09.11 Personal data of five million US soldiers lost
Backup tapes containing the personal information of nearly five million current and former US soldiers have gone missing.
27.09.11 - Time to wake up
One of the most important responsibilities of any business, charity or public sector organisation is to safeguard the personal information it collects as part of its normal operations.
22.09.11 - Researchers claim to have broken SSL/TLS encryption
Two security researchers claim to have found a way of breaking the SSL/TLS encryption that is widely used to guarantee the reliability and privacy of data exchanged between web browsers and servers.
21.09.11 - Social engineering attacks hit ill-prepared UK businesses, survey shows
Less than a third of UK businesses provide regular training aimed at preventing social engineering attacks, despite 42% being hit by such attacks in the past two years at an average cost of £15,000 per incident, a survey has revealed.
21.09.11 - Gartner: A strategic approach to IT security is essential
Cyber threats will always get ahead of defences, which is why organisations need a strategic approach, says Gartner analyst Lawrence Orans.
21.09.11 - Gartner: Best defence against social media threats is monitoring and education
Blocking social media in the enterprise encourages bad behaviour by employees but does not prevent access, according to Gartner.
21.09.11 - New-starters and contractors are biggest targets of social engineering attacks
The most likely targets of social engineering attacks are newly appointed employees and contractors.
21.09.11 - Designing for counter terrorism
The UK threat level has fluctuated for some years now between ‘critical’, ‘severe’ and ‘substantial’, the three highest levels of threat, so it is apparent that we are still very much at risk from attack by international terrorist groups.
16.09.11 - PCT lost personal details of 1.6 million patients
The personal details of 1.6 million individuals were lost after they were placed on a CD that accidentally got sent to landfill.
15.09.11 - Insiders increasingly linked to data breaches in the financial sector
Employees are increasingly responsible for data breaches at financial institutions, according to the US Computer Emergency Response Team (CERT).
15.09.11 - Soca's online child protection centre beefs up data encryption following ICO investigation
The Child Exploitation and Online Protection Centre of the UK's Serious Organised Crime Agency (SOCA) has improved security around personal data sent from its website.
15.09.11 - UK business and government dangerously out of tune with cyber threats, says Chatham House
Business and public sector organisations lack understanding of the nature and gravity of cyber threats and the UK government lacks vision and leadership in dealing with cyber attacks, according to a report by Chatham House.
14.09.11 - ICO calls for prison sentences as more businesses report data loss
Almost 90 per cent of businesses have suffered some form of data loss in the past year.
13.09.11 - Privacy report urges government prevent data breaches in move to transparency
The government must improve its understanding of technology to prevent the identity and personal information of individuals being revealed in datasets, a privacy expert has warned.
13.09.11 - Consumerisation of IT fuels security fears
Despite the majority of employees are using personal laptops and other mobile devices for work-related purposes, a striking majority are concerend about security concerns from their use.
08.09.11 - Consumerisation worries public sector IT managers
More than three-quarters of public sector IT managers are concerned about employees accessing government networks via personal gadgets.
07.09.11 - Bomb scares target Pakistan jets bound for UK, Malaysia
Pakistan International Airlines (PIA) says two of its passenger planes have been the subject of a bomb threat.
07.09.11 - NHS trust criticised over data loss
University Hospital of South Manchester NHS Foundation Trust lost the personal information of 87 patients when a medical student mislaid an unencrypted memory stick.
07.09.11 - Facebook is not trusted to provide government ID system
The government will not be using Facebook as part of its digital identity assurance project - a key platform in the Cabinet Office drive to get more citizens accessing public sector services online - because Whitehall does not trust the way the social network uses customer data.
06.09.11 - Reality of cyber crime laid bare as 19 Brits fall victim every minute
Cyber crime costs the UK economy £474 million a year, with 19 British people falling victim every 60 seconds.
05.09.11 - More businesses blocking access to social media
The number of businesses that have chosen to block access to social networking sites has risen over the past year.
02.09.11 - Scottish Children's Reporter Administration rapped by ICO over two data loss incidents
The Scottish Children's Reporter Administration (SCRA) breached the Data Protection Act twice, according to the Information Commissioner's Office (ICO).
02.09.11 - Texas Police Chief Association suffers data breach, with sensitive documents and emails published
The Texas Police Chief Association was hacked last night with classified information leaked along with private emails from police.
01.09.11 - Pakistan bans VPNs to prevent users accessing banned websites
Pakistani authorities have banned the use of virtual private networks in a crackdown on internet access.
31.08.11 - Cyber crime remains primary concern for businesses, as a third experience attacks on a regular basis
Cyber crime remains the leading business risk for organisations of all sizes.
30.08.11 - Orange restores broadband customers' e-mail account access but loses data
A problem with Orange e-mail has been partly fixed as accounts are restored, but weeks of e-mails may be lost.
30.08.11 - Wikileaks error discloses identities of anonymous whistleblowers
Whistleblowing website Wikileaks has accidentally released confidential data containing the names of anonymous sources.
30.08.11 - ICO says knowledge of data privacy should be part of national curriculum
The Information Commissioner's Office (ICO) has stressed the importance of data privacy and said that it should be part of the formal education process.
23.08.11 - Websites place design above security
Web developers have placed too much importance on the look, speed and ease of access for websites and web applications, at the expense of writing secure code, according to a new report.
23.08.11 - South Korean branch of Epson suffers breach of 350,000 people's data following hack
According to the South Korean news agency Yonhap, the breached records contained names, user IDs, passwords and resident registration numbers. Epson Korea said it is trying to track the hackers but has found no trace of them.
22.08.11 - Government websites unprepared for cookie law
Most local councils, police and fire services have not yet taken action to ensure their websites comply with new legislation on cookies, according to an independent audit.
18.08.11 - Second #opBART attack targets San Francisco police officers
A second attack was launched on the San Francisco Bay Area Rapid Transit (BART) yesterday that led to the personal details of 102 police officers being leaked.
16.08.11 - Google passes ICO audit but must make privacy improvements on all products
Google has been praised by the Information Commissioner's Office (ICO) after an audit of its UK office.
15.08.11 - PCI council guidance on tokenisation welcomed
The PCI Security Standards Council (PCI SSC) has released guidance on tokenisation and how it may make compliance easier.
15.08.11 - Government must change the way it stores citizens' personal data, calls the Equality and Human Rights Commission
Current privacy law is failing to stop breaches of personal data privacy and is not keeping pace with the rapid growth in personal data collection, according to a report from the commission.
12.08.11 - US university takes over a month to notify students and staff of potential data breach
The US University of Wisconsin-Milwaukee is notifying 75,000 students and staff that their personal information may have been exposed in a breach of one of the institution's IT systems in May, but the delay is highlighting the need for more timely breach notifications.
11.08.11 - Hong Kong share trading hit by hackers
Trading in seven stocks listed on the Hong Kong stock exchange was suspended on Wednesday after a hacking attack.
10.08.11 - Citigroup hit by another data breach, as 92,000 Japanese customers affected
Citigroup has confirmed that customer information has been obtained and sold to a third party illegally.
10.08.11 - ICO failure to punish Lush for data breach 'sends wrong message'
The failure of the Information Commissioner's Office to impose a monetary penalty against cosmetics firm Lush - for failing to protect thousands of customer records from hackers - sends out all the wrong messages.
09.08.11 - Blackberry to co-operate with police after youths used BBM to organise riots
Research in Motion has said that it will co-operate with the police after it was revealed that London rioters used Blackberry Messenger rather than Twitter to organise looting sprees across the capital, with violence later spreading to Birmingham, Liverpool, Nottingham and Bristol.
09.08.11 - Consumers failing to take mobile security seriously says Sophos
More than two-thirds of consumers do not have passwords set up on their mobile phones
08.08.11 - Anonymous ups the ante against police in new attack claim
As part of its antisec campaign and as a response to recent arrests, including that of suspected LulzSec spokesperson Topiary, Anonymous said it released over 10GB of private police emails, training files and personal information over the weekend on what it called ‘Shooting Sheriffs Saturday'.
08.08.11 - Schoolboy errors in Hampshire school hack attack, 20,000 at risk
According to the Information Commissioner's Office (ICO), a pupil of Bay House School in Hampshire discovered the password which allowed access to the personal details of nearly 20,000 individuals, including 7,600 pupils. This broke the Data Protection Act.
08.08.11 - Amazon customers consider on-premise servers after cloud service outage
Amazon cloud customers are considering deploying their own servers after a second Amazon Web Services (AWS) outage within four months brought their websites down.
05.08.11 - Loss of 26,000 housing records highlights poor state of UK data protection
The loss of a memory stick containing the personal details of over 26,000 tenants of two London housing associations shows many UK organisations still have poor operating policies, say experts.
04.08.11 - Cost of cyber crime study shows need for security planning, says ISACA
Global IT security association ISACA has welcomed the finding of the Ponemon Institute's latest Cost of Cybercrime report, that organisations are increasing investment in security forensics and detection methodologies.
04.08.11 - Hershey hacked by attacker who changes recipe rather than steal data
A hacker managed to penetrate the website of confectionary giant Hershey and change a recipe.
03.08.11 - UK defence contractor and security firms suffer cyber attack
Leading security firm McAfee has revealed that a UK defence contractor and cyber security firm have both been the victims of lengthy criminal intrusions.
02.08.11 - The Sun admits that personal data was breached after homepage hack
News International has suffered a fresh setback as it has been forced to contact readers regarding a potential data breach.
02.08.11 - Organisations fail to meet security awareness and compliance training best practices
A survey of high-risk organisations has found that more than three quarters fail to perform quarterly security and compliance training.
01.08.11 - ICO calls for prison sentences for use of stolen data
The UK should introduce prison sentences for using stolen personal data, says Information Commissioner Christopher Graham.
29.07.11 - US approves ISP data retention bill
The US House of Representatives has approved a new piece of legislation that will force internet service providers (ISPs) to save logs of all their customers' activities for 12 months.
29.07.11 - Google Apps meets US federal security standards, says Unisys
Google Apps for Government exceeds US federal information security requirements, according to IT services firm Unisys.
29.07.11 - Greater Manchester Police hit by theft of USB containing sensitive data
Greater Manchester Police has revealed that an officer had an unencrypted USB device containing detailed information on active operations and personal information on members of the public stolen from his home.
28.07.11 - Hackers raid 35 million South Korean website accounts
Hackers have stolen personal data from 35 million accounts at a South Korean social networking site and a web services portal, in the latest of a series of cyber attacks on government and financial firms.
27.07.11 - IT staff admit having access to sensitive information without board level knowledge
Almost half of IT staff are able to gain unauthorised access to their organisation's most sensitive information.
26.07.11 - US calls for international collaboration on cybercrime and other transnational crime
The US has unveiled plans to tackle various forms of transnational organised crime, including cybercrime and the theft of intellectual property.
26.07.11 - Confidential files found in street
An inquiry has been launched after a confidential police file containing the personal details of a teenage rape victim was found in the street.
26.07.11 - UK police forces form high-tech regional surveillance units
UK police forces are teaming up to form high-tech regional surveillance units to carry out covert and intrusive investigations.
25.07.11 - Hackers hit Italian cyber-police
Hackers have started to release gigabytes of secret documents stolen from an Italian cybercrime unit.
25.07.11 - Cybercrime automation demands new response and new skills
Security researchers have revealed that websites are attacked about 27 times an hour, or once every two minutes, on average, but what does this mean for IT security teams within businesses?
22.07.11 - Pfizer's Facebook page jacked by script kiddies
Pharmaceutical giant Pfizer's Facebook page has been defaced by mischief makers.
21.07.11 - Anonymous Claims Hack On NATO Servers
The hacktivist group said it's holding 1 gigabyte of information from the international alliance, as it would be "irresponsible" to release most of it.
20.07.11 - US and India sign cybersecurity agreement
The US and India have signed a non-binding memorandum of understanding (MOU) to collaborate on cybersecurity.
20.07.11 - Data breach at York University highlights urgency of security checks, says ICO
The University of York's accidental breach of thousands of students' personal data points to a need for improved security checks, according to the Information Commissioner's Office.
19.07.11 - Lancs police censured for data protection failure
Lancashire Police Authority breached the Data Protection Act by publishing the details of a complaint from an individual member of the public on its website, the Information Commissioner's Office (ICO) has revealed.
19.07.11 - The Sun website redirected to fake Murdoch suicide page, as LulzSec returns in News International action
The Sun website was hacked last night with redirects made to the LulzSec Twitter page and a fake homepage claiming the suicide of Rupert Murdoch.
19.07.11 - Councils show compatibility with GCSx but not ability to track activity management
According to Freedom of Information Act (FoIA) requests issued by LogLogic, two of the five kept their log data for just up to three months, another for three-to-six months and the remaining two kept the logs for more than six months. The recommendation for Government Connect Secure Extranet (GCSx) compliance is to keep logs for more than six months.
18.07.11 - Lady Gaga UK website hit by hackers who access fans' names and email addresses
The names and email addresses of Lady Gaga fans have been stolen after the singer's website was breached last month.
18.07.11 - Pentagon impacted by third party attack that sees theft of 24,000 files
A targeted attack on a defence contractor in March of this year resulted in the theft of 24,000 files.
18.07.11 - Pentagon impacted by third party attack that sees theft of 24,000 files
A targeted attack on a defence contractor in March of this year resulted in the theft of 24,000 files.
18.07.11 - England’s top councils fail to comply with WAN code and cannot respond to data breaches
Three of the five largest councils in England are unable to identify potential security breaches to IT systems in real time, freedom of information (FOI) requests have revealed.
15.07.11 - Security groups team up to provide IT risk and information assurance assessments
A group of IT security organisations are teaming up to create a set of tools to help companies assess IT risks and information assurance needs.
14.07.11 - Government offshoring advice signals shift to more public sector work going overseas
The Cabinet Office has published guidance on how government departments can save money by offshoring, as public sector organisations feel the squeeze of continued spending cuts.
14.07.11 - Outsourcers look to data security transparency for competitive advantage
Reports of data breaches and malicious attacks on companies have been rife and now outsourcers are scrambling to reassure their clients, according to PricewaterhouseCoopers (PwC).
13.07.11 - GCHQ has lost up to £1m worth of equipment, ISC report reveals
The Government Communications Headquarters (GCHQ), which is responsible for key aspects of the UK's cybersecurity, has lost equipment worth up to £1m, the latest Intelligence and Security Committee (ISC) report reveals.
12.07.11 - Cyber terrorism set to increase after al-Qaeda calls for more cyber attacks, says government
Cyber terrorism will become an increasing problem as the tools and techniques needed for cyber attacks become more widely available, according to a report on the government's new counter-terrorism strategy.
12.07.11 - More than 90,000 US military credentials revealed following Anonymous attack on government consultancy
Anonymous has released the email addresses and encrypted passwords of around 90,000 military personnel following a series of online attacks against government consultancy Booz Allen Hamilton.
11.07.11 - ICO reports that private sector was responsible for a third of data breaches, yet most businesses refuse an audit
According to the Information Commissioner Christopher Graham, of the 603 data security breaches reported to the ICO in 2010/11, 186 occurred in the private sector, yet only 19 per cent of businesses contacted by the ICO accepted a free data protection audit.
11.07.11 - Patriot Act vs. European law: What are the likely outcomes?
Between the transposing of the EU Data Protection Directive in 1998 and the terrorist attacks in New York in September 2001, trade relations between the United States and the European Union were mutual, bilateral and safe.
07.07.11 - Personal info on 34,000 MSSB clients goes missing in the mail
Morgan Stanley Smith Barney, the world's largest brokerage, said compact discs containing tax information of 34,000 clients were lost in transit to the New York State Department of Taxation and Finance.
07.07.11 - New figures highlight police's shameful data breaches
Nearly 1,000 UK police workers have been disciplined over the past three years for abusing their position to access personal data, with 98 dismissed and 243 receiving criminal convictions, new research has revealed. Read more: http://www.computing.co.uk/ctg/news/2086470/figures-highlight-polices-shameful-breaches#ixzz1RWUNDlMr Computing - Insight for IT leaders Claim your free subscription today.
06.07.11 - MEPs approve tougher data breach rules for all
The European Parliament has approved reforms to the Commissions Data Protection Directive of 1995, which will see individuals given greater control over information held on them by organisations and a right to be informed in the event of any data breaches.
06.07.11 - National campaign to reduce war memorial theft
A campaign to locate, log and protect thousands of war memorials across the UK, using cutting edge forensic technology, is being launched today.
06.07.11 - ICO: "Businesses must 'open their doors' to data protection audits"
This morning's stark warning from the ICO comes on the same day the organisation launches its Annual Report (in which the statistics suggest it’s private sector companies who collated the most data security breaches of any sector during 2010-2011).
06.07.11 - PayPal UK’s Twitter account hacked
In another high-profile Twitter attack, hackers have hijacked PayPal UK's Twitter account and posted tweets critical of the online payment processing company.
06.07.11 - Cancer centre accused of not protecting patient data by failing to implement encryption
A US cancer centre is being sued by a former patient after it was accused of allowing a laptop to be stolen containing their, and other patients' information.
05.07.11 - This week sees the launch of the International Cyber Security Protection Alliance (ICSPA).
This week sees the launch of the International Cyber Security Protection Alliance (ICSPA).
05.07.11 - UK government calls on all sectors to play a role in cybersecurity
Cybersecurity demands the efforts of the whole of society, says UK armed forces minister Nick Harvey.
04.07.11 - Government signs framework agreement and names suppliers for public sector networks
The government has signed a framework agreement worth an estimated contract value of £5m to enable central and local authorities transition to public sector networks (PSN).
01.07.11 - Information Commissioner claims that health service needs a culture change and to do more to keep data secure
According to the Information Commissioner Christopher Graham, the NHS needs to do more to keep patients' personal information secure and while human error does occur, major incidents suggest that the security of data remains a systemic problem.
01.07.11 - Indian Groupon usernames and passwords published on Google
According to risky.biz, the entire user database of Groupon's Indian subsidiary Sosasta.com was accidentally published. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing email address and password pairs.
29.06.11 - Insider threats a major concern for India Inc
Insider threats are now a major concern for Indian organizations, according to a study conducted by the Data Security Council of India (DSCI) and PricewaterhouseCoopers (PwC), released as part of the DSCI Best Practices meet held in Bangalore on June 28, 2011. Other issues addressed at the meet included discussions around the contentious IT rules 2011, data protection in cloud computing and compliance.
28.06.11 - Security is key issue for mobile payment adoption
Mobile security will be increasingly important as mobile payment adoption increases over the next four years, according to research.
24.06.11 - Office of National Statistics denies census data was compromised
The Office of National Statistics has denied that personal census information was compromised earlier this week.
20.06.11 - Senior managers ‘committing more workplace fraud’
Senior managers are increasingly committing fraud as ‘red flag’ warning signs are “missed and ignored”, research from KPMG has revealed.
20.06.11 - All UK firms to face mandatory data breach notification regime
All businesses in the UK that store data on customers will soon have to disclose any breaches, as the European Commission looks to widen the scope of recent changes to data protection laws.
17.06.11 - Citigroup Bank confirms only US customers affected by data breach but raises estimate
Citigroup has confirmed only US-issued Citi credit card accounts were affected by a breach of Citigroup Bank data by hackers in May, but has revised upwards the number of accounts involved.
16.06.11 - CIA website taken down by DDoS attack
The hacking group LulzSec has hit the US government for the second time in a week, taking down the website of the CIA. A spokesperson told Reuters that its website was taken down, but that the group were prevented from accessing any sensitive data. According to the news agency, this attack was similar to the attack on the Senate in that hackers broke into the public site and downloaded information.
16.06.11 - The Security Industry Authority issues warnings
The Security Industry Authority (SIA) has handed out nine licence compliance warnings in a sweep of security businesses in four cities.
15.06.11 - Concerns raised over lost NHS laptop that contains more than eight million records
An NHS laptop containing the records of more than eight million people has been reported as ‘missing'. According to a report in The Sun, the laptop was lost three weeks ago but police were only informed this week. It was held at an NHS North Central London storeroom and is one of 20 that went missing from the storeroom. Eight have been recovered, with searches for the other 12 ongoing.
15.06.11 - PCI council published guidelines on virtualisation
The PCI Security Standards Council has published guidelines for implementing its requirements in virtualised environments.
15.06.11 - ICO takes CCTV monitoring website to task after ruling images comprise personal data
The Information Commissioner's Office (ICO) has forced a CCTV monitoring website to changes the way it operates. The move from the Information Commissioner's Office (ICO) came after a ruling that CCTV images should be protected as personal data.
15.06.11 - Government to create market for personal identity data
The government is preparing to create a marketplace for citizens' personal data to be used for accessing online public services, according to documents that were issued to industry in preparation for the coalition's next-generation identity scheme.
14.06.2011 - Hackers found easy way in to Citigroup website, say investigators
Hackers who stole the financial information of more than 200,000 Citibank customers found an easy way in through a vulnerability in Citigroup's website for its credit card customers, say investigators.
13.06.11 - T-Mobile data theft case: why is it important?
The Chester Crown Court has ordered two former employees of UK mobile operator T-Mobile to pay a total of £73,700 after stealing and selling customer data from the company in 2008, but why is this a landmark ruling?
13.06.11 - Codemasters confirms attack and data breach
Attacks against the gaming sector have continued with a ‘significant' data theft against Codemasters.
10.06.11 - National Crime Agency will re-use old SOCA technology
Home secretary Theresa May gave further details of the likely structure of the National Crime Agency (NCA) in a Commons speech yesterday. The NCA is the body set to replace the Serious and Organised Crime Agency (SOCA) and it will begin work in 2013.
10.06.11 - ICO fines Surrey County Council £120,000 for multiple email privacy failures
The Information Commissioner's Office (ICO) has issued its sixth monetary penalty to Surrey County Council for a ‘serious breach of the Data Protection Act'.
09.06.11 - Citigroup banking network hacked
Hackers have breached Citigroup's banking network and accessed the data of about 200,000 North American customers.
08.06.11 - Employee devices still permitted in the workplace despite the dangers
Half of large UK businesses allow the use of employee-owned devices in the workplace, despite 84 per cent agreeing that the use of such devices increases the risk of data leakage incidents.
08.06.11 - IT head at Ofcom sent down for £522,123 fraud
A former IT head at Ofcom has been sentenced to two years for defrauding the communications regulator more than half a million pounds.
08.06.11 - Many retailers not confident of protecting increasing volumes of data
Retailers are creating and collecting more and more information through online interactions with customers, but less than half are protecting it with appropriate security technology and policies.
08.06.11 - Employee devices still permitted in the workplace despite the dangers
Half of large UK businesses allow the use of employee-owned devices in the workplace, despite 84 per cent agreeing that the use of such devices increases the risk of data leakage incidents.
07.06.11 - RSA chairman admits that SecurID was responsible for Lockheed Martin breach
RSA has confirmed that its SecurID was compromised following the breach earlier this year.
03.06.11 - Serco buys Indian services firm Intelenet in move to public sector offshoring
Outsourcing giant Serco has acquired Indian IT services provider Intelenet for £385m to bolster its BPO offering.
03.06.11 - Another Sony site hacked
Sony has apparently fallen prey to yet another hacking attack in which the personal information of more than 1,000,000 users of its SonyPictures.com web site has been compromised. .
02.06.11 - Google admits to password interception of high profile Gmail users
Google has admitted that some of its users have received phishing messages that stole passwords.
31.05.11 - ICO finds two charities to be in breach of the Data Protection Act following stolen laptops
Two charities have been found in breach of the Data Protection Act by failing to encrypt computers that were subsequently stolen
27.05.11 - Australian bank contacts around 8,000 customers after merchant breach
Australia's Commonwealth Bank has cancelled around 8,000 credit cards after a data breach was detected at a merchant.
26.05.11 - ICO announces that the details of 82,000 customers of Co-operative Life Planning were released online following hack
The breach occurred in March 2011 when the details of 82,000 people were accidentally published online when a data file, that had been repaired by Co-operative Life Planning's software support contractor, was hacked.
24.05.11 - Businesses admit to lost devices but have improved security
Around half of organisations have lost or had stolen a mobile device that contained critical business data.
23.05.11 - Staff well aware of power of encryption keys
Half of IT staff admit that they could hold their employers hostage by withholding or hiding encryption keys.
20.5.11 - US security firm uncovers SCADA threats to power plants and oil refineries
A US security research organisation says it has discovered methods hackers could use to sabotage power plants, oil refineries or manufacturing operations.
19.5.11 - Government outlines plans for identity assurance services
The government has outlined plans for identity assurance services to be used across all online public sector services.
19.05.11 - PCI security standards council confirms new advisory board
Representatives from Barclaycard, British Airways, Disney, Heartland Payment Systems, PayPal, RSA, Cisco and Wal-Mart Stores are among the new board of advisors for the PCI security standards council.
18.05.11 - IT departments should consider a full time data security expert
A disconnect between IT and the board is a problem and the two have to be brought together for the benefit of better data security.
16.05.11 - Somerset County Council rapped by ICO after sending personal information to wrong person
The Information Commissioner's Office (ICO) has confirmed that Somerset County Council breached the Data Protection Act by sending a social service assessment about a local teenager to the wrong family.
16.05.11 - Government makes public-sector services online-only
The government is to push ahead with its plans to migrate more public-sector services to online-only provision next month.
13.05.11 - White House proposes cyber network security legislation
The White House has proposed cyber security legislation to protect the US government and private computer systems from millions of daily cyber attacks.
11.05.11 - Financial services CIOs use regulatory compliance to drive IT innovation
Financial services CIOs are taking advantage of a growing burden of compliance regulation to introduce innovative IT into their organisations.
11.05.11 - IT professionals leave sensitive data on mobile devices unprotected
A survey of IT professionals reveals a worrying trend that leaves large numbers of organisations prime targets for data thieves.
11.05.11 - UK code of practice on data sharing launched
A new statutory code of practice designed to help businesses and public sector bodies share people’s personal information appropriately has been published today by the Information Commissioner’s Office (ICO).
11.05.11 - Former ACS:Law data controller fined £1,000 over breach that affected almost 6,000 people
The Information Commissioner's Office (ICO) issued its fifth monetary penalty yesterday to the former data controller of ACS:Law.
10.05.11 - UK workers in the dark about IT security, study reveals
Most security professionals believe employees play an important role in IT security, yet 64% of UK workers are given no IT security training in the workplace.
10.05.10 - Baroness Pauline-Neville Jones stands down as security and counter-terrorism minister
Baroness Pauline Neville-Jones has resigned her position as the Government’s security and counter-terrorism minister, and has now been appointed special representative to business on the subject of cyber security. Brian Sims reports.
06.05.11 - Master password service warns of possible breach
Password management vendor LastPass has issued a security notification warning that its database may have been accessed.
04.05.11 - NHS Barnet reveals 187 breaches of personal data
A primary care trust has topped a list of 30 NHS organisations in London revealing the number of data breaches of personal information
04.05.11 - The X Factor hit by database breach, leading to quarter of a million personal details being stolen
The personal details of 250,000 The X Factor hopefuls may have been compromised following a database hack.
03.05.11 - Sony warns of almost 25 million extra user detail theft
A further 25 million gamers have had their personal details stolen as a result of security breaches at Sony.
27.04.11 - PlayStation Network hacked, data on millions at risk
Sony may have sustained the largest cyber intrusion since the Heartland Payment Systems breach, disclosing on Tuesday that its PlayStation Network (PSN) was hacked to steal sensitive information belonging to users.
20.04.11 - Deputy Information Commissioner refutes freedom of information findings, as ICO prepares first mandatory disclosure laws
The deputy Information Commissioner has disputed claims made by a security vendor over how many data breaches are resulting in penalties.
20.04.11 - ICO Deputy commissioner says, ideally, the ICO would like bigger fining powers.
The Information Commissioner’s Office (ICO) would like fining powers above its £500,000 cap, a senior figure from the privacy watchdog has admitted today.
17.04.11 - MoD Blamed As UK Nuclear Submarine Secrets Go Public
The UK Ministry of Defence has published a classified government report on its website that contained blacked out parts that were unfortunately useless when doing a straight copy/paste.
11.04.11 - Life and pensions firm concerned about lost tape that contained personal and bank account details
An Irish life and pensions company admitted that it may have lost the personal details of about 50,000 current and former customers following a lost tape.
05.04.11 - City of York Council breaches Data Protection Act after personal information was incorrectly sent to a third party
The Information Commissioner's Office (ICO) has reported that City of York Council has breached the Data Protection Act by accidentally disclosing personal data to a third party.
04.04.11 - Royal Cornwall Hospitals NHS Trust rapped by ICO over subject access request breaches
The Royal Cornwall Hospitals NHS Trust breached the Data Protection Act by disclosing third-party personal data on two occasions, according to the Information Commissioner's Office (ICO).
04.04.11 - Banking customer data stolen in marketing firm attack
Email marketing firm Epsilon has suffered a cyber attack, potentially losing the personal details of millions of banking customers worldwide
30.03.11 - Breach at The Co-operative Group leads to exposure of 83,000 records
An unnamed third party has been blamed for an error that led to a breach of 83,000 customer records from The Co-operative Group.
30.03.11 - BP employee loses laptop containing unencrypted details of 13,000 Deepwater Horizon claimants
An unencrypted BP laptop that contained the details of 13,000 Louisiana residents has been lost.
30.03.11 - 'Fake bomb' UPS flight from UK to Turkey investigated
An investigation has been launched into how a fake bomb was put on a cargo plane and flown from the UK to Turkey without being detected.
28.03.11 - Hackers target business secrets
Intellectual property and business secrets are fast becoming a target for cyber thieves, a study suggests.
23.03.11 - Leicester City Council confirms new data breach
Leicester City Council has confirmed the loss of a memory stick that contains details of about 4,000 vulnerable people to a local newspaper.
23.03.11 - The impact of the RSA token data breach is still undetermined
The RSA SecureID token breach could affect up to 100 million people.
23.03.11 - Private sector to play key role in government's new cyber security strategy
The government will publish a new cyber security strategy in the coming months, Neil Thompson, director of the Office of Cyber Security and Information Assurance (OCS) revealed today.
21.03.11 - Report: Data breach cost increases by 13 per cent to £1.9m
An average data breach incident cost UK organisations £1.9m in 2010, a 13 per cent increase on 2009 figures, according to an annual report from security firm Symantec.
18.03.11 - Security firm RSA hacked
RSA, the security division of storage provider EMC, admitted that it has been hacked by cyber criminals.
16.03.11 - University of York in student data breach on website
An investigation has begun at the University of York after personal data of 148 students was published.
16.03.11 - Wolverhampton City Council found in breach of the Data Protection Act
Wolverhampton City Council has been found to be in breach of the Data Protection Act after confidential personal information was disposed of in a skip.
15.03.11 - Businesses struggle with security priorities and limited employee awareness
More than half of IT security believe employees have little or no awareness about data protection or corporate security policies and cite identity awareness as a security priority for the next year.
15.03.11 - Card details of 5,000 British people among hoard of possessions of gang arrested in Thailand
Four Romanian tourists have been arrested in Thailand accused of perpetrating an ATM credit card scam that stretched around the world.
07.03.11 - Exercise Watermark to test UK's flood response
The largest flood defence exercise ever held in the UK is getting under way - and will last all week.
25.02.11 - Workers continue to use unsecure methods when it comes to portable devices
If a mystery USB stick was found, 76 per cent of workers would plug it into company PCs.
24.02.11 - Cambridgeshire County Council loses 'unapproved' USB sticks, following problems with encrypted device
Cambridgeshire County Council has breached the Data Protection Act after losing a memory stick that contained sensitive data relating to vulnerable adults.
21.02.11 - Identity and Passport Service found in breach of Data Protection Act
The Identity and Passport Service (IPS) is the latest body to be taken to task for breaching the Data Protection Act (DPA).
17.02.11 - Cybercrime costs the UK more than £27 BILLION a year
Attacks on computer systems, industrial espionage and theft of company secrets costs businesses alone at least £21billion.
11.02.11 - Gwent Police found in breach of the Data Protection Act after sending criminal record checks to an IT website
Gwent Police has been found to be in breach of the Data Protection Act after Criminal Reference Bureau (CRB) checks were accidentally emailed to The Register.
11.02.11 - Irish recruitment website hacked, leading to the breach of around 400,000 user details
The Irish job website RecruitIreland.com was hacked earlier this week, resulting in breached systems and the theft of the credentials of 400,000 users.
08.02.11 - Two councils hit with big fines for laptop blunder
Unencrypted data gaffe hits Hounslow, Ealing
07.02.11 - Anonymous attacks US security company
HBGary chief Aaron Barr's Twitter account hijacked and personal details leaked in revenge for infiltration of hacking collective
03.02.11 - Stolen unencrypted hospital laptop causes discussions on data encryption
An unencrypted laptop belonging to a Yorkshire hospital was stolen potentially impacting 1,500 patients.
25.01.11 - Government website login details are sold online
Major European and US government websites revealed to have been hacked, with access to the sites put on public sale.
24.01.11 Gloucestershire Police fails to record lost devices and tapes
Two tapes of separate 999 calls and a USB memory stick were misplaced by Gloucester Police over a one-year period.
21.01.11 - Passwords of up to ten million smartphone users may be exposed after app developers hacked
A mobile application developer has warned of a data breach that could affect up to ten million users
20.01.11 - Doctor loses patient data on laptop after breaking policy to take it home
Hull and East Yorkshire Hospitals NHS Trust has apologised after patient data was stolen from a doctor's home.
17.01.11 - Cancer researcher has laptop stolen with no data backed up
A cancer researcher at Oklahoma University has had her laptop stolen, with several years worth of research lost.
12.01.11 - Government departments criticised over data sharing mistake
Three government agencies have been criticised over a data sharing mistake that led to the wrongful disclosure of a woman's personal and financial information.
07.01.11 - UK terrorism security threat level raised at airports
The terrorist threat level specific to major UK transport hubs has been raised from substantial to severe, the BBC understands.
07.01.11 - Vodafone Australia customer details sold to criminals
Vodafone Australia may face a class action for breach of privacy after it confirmed that its customers' details may have been sold to criminals.
07.01.11 - Yorkshire NHS and police admit data breaches
NHS trusts and police forces in Yorkshire have seen staff misusing personal information
06.01.11 - Scottish Court Service in breach of Data Protection Act after disposing of documents in a recycling bank
The Scottish Court Service has been found to be in breach of the Data Protection Act after court documents were accidentally disposed of at a local recycling bank.
05.01.11 - UK schools extremely vulnerable to hackers, warn security experts at NGS Secure
Many primary and secondary schools in the UK thought to be highly vulnerable to cyber attacks following confidential audit of two schools.
05.01.11 - Secure Birmingham hospital exit 'was left unlocked'
A "fundamental failure" in care allowed a man with severe schizophrenia to walk out of a supposedly secure hospital in Birmingham, an inquest has heard.
04.01.11 - Corporate security: not just for Christmas
8.5m office workers are planning to plug Christmas gadgets into the workplace. Something else to worry about...
03.01.11 - Funding the new Home Guard to protect against cyber attacks
For the first time, cyber threats are on the fast track to the Prime Minister's in-tray. And with £650 million available, the Government is putting its money where its mouth is.
23.12.10 - Santander admits statement glitch
Banking giant Santander has admitted that up to 35,000 people could have received other customers' details on bank statements.
20.12.10 - Office workers more concerned about breaking a device than losing it
More than half of office workers are unaware of the cost of a data breach, as they believe a physical break is more expensive than a loss.
20.12.10 - Fire control centre plan scrapped
The Government has announced it is scrapping a controversial scheme to replace 46 fire control centres in England with nine new sites, which an MP claimed has "wasted" £1.3 billion.
16.12.10 - UK retailers prove to be generally aware of PCI DSS but concerns that 13.8 per cent are completely unaware of it
Almost a third of UK retailers are completely unaware or only partially aware of the new version of the Payment Card Industry Data Security Standard (PCI DSS).
14.12.10 - Email service provider breach leads to McDonald's customer data being leaked
A third party breach has led to McDonald's customer data being leaked.
10.12.10 - Cabe’s fate to be decided ‘before Christmas’
The government is expected to announce a plan for the future of design quango Cabe before Christmas following a series of high-level discussions in recent days
09.12.10 - Privacy project uses cryptography to reduce shared info
A project that could radically reduce the amount of personal information we share in our dealings has been revealed by IBM researchers.
09.12.10 - Anonymous hacktivists say Wikileaks war to continue
A member of the Anonymous group of hackers, which has been targeting firms it sees as being anti-Wikileaks has said the campaign is not over.
09.12.10 - Government to pay for security guards at Jewish schools
The government is to pick up the cost of providing security guards at Jewish faith schools in England amid concerns about anti-semitic threats to pupils.
08.12.10 - Many buildings unsuitable, NHS figures show
Patients are being treated in cramped, unsuitable and badly laid out hospitals as ageing NHS buildings struggle to cope with the demands of the modern health service.
03.12.10 - Business must educate users on security risks of Twitter, warns Symantec
As Twitter becomes a news source for millions of people, businesses must educate employees about the risks involved in using the service, says IT services firm Symantec.
02.12.10 - Wikileaks cable breach highlights insider security threat
The release of thousands US diplomatic cables by whistleblowing site Wikileaks has prompted swift action to seal off official IT systems, according to the Scientific American.
01.12.10 - Nearly three-quarters of UK orgs hit by data breaches, study shows
Data breaches continue to be a major concern around the world, with 71% of UK organisations reporting at least one data breach in the past year, a study has shown.
30.11.10 - EC pushes for uniform data protection legislation across Europe
Europe has the best data protection laws in the world, but the rapid pace of technology change has prompted new questions and challenges, according to Viviane Reding, the EC justice, rights and privacy commissioner.
29.11.10 - Virgin Media shuts down 500 unsecured in-house wireless access points
Virgin Media has deployed a new corporate wireless network across 30 of its UK sites after discovering up to 500 staff members were using shop-bought routers to access unsecured wireless networks at work.
29.11.10 - Massive policy changes in data protection hold keys to business opportunity
This past year, 2010, will be remembered as an important year for data protection, with the highest level of regulatory activity for more than 40 years.
26.11.10 - Personal details on stolen laptop
SHEFFIELD employment firm A4e has been hit with a £60,000 fine after the theft of a laptop containing the personal details of 24,000 people.
24.11.10 - Commissioner issues first Data Protection Act fines
A county council that faxed details of a child sex abuse case to a member of the public is to be fined £100,000 for breaching the Data Protection Act.
24.11.10 - UK terror threat at three-year high, warns police chief
The threat of terrorism in the UK is at its most dangerous level for three years, Metropolitan Police Commissioner Sir Paul Stephenson has warned.
23.11.10 - Number of employees who would steal data increases significantly
Almost three-quarters of employees would steal company secrets if they were fired and had clear plans to take something with them if they left.
22.11.10 - Survey find that more than half of IT departments do not protect laptops or use data or device encryption
More than half of UK corporate laptops are not protected against theft or data loss.
19.11.10 - A relaxation in GCSx requirements should not mean an end to security standards
September's announcement of a relaxation in the GCSx requirements should be welcomed but claims are made that it is important to maintain standards.
17.11.10 - Germany tightens airport security over attacks threat
Germany is increasing security at airports and railway stations in light of "concrete indications" of terrorist attacks being planned for the end of November.
12.11.10 - Top-level probe over NHS records security breach claim
HEALTH chiefs are being investigated over claims that IT blunders compromised the security of thousands of patient records.
08.11.10 - Ministry of Justice, Home Office and Metropolitan Police lose almost 200 laptops and smartphones in two years
Almost two hundred laptops have been lost by Britain's key law enforcement organisations in the past two years.
08.11.10 - Royal Navy website attacked by Romanian hacker
The Royal Navy's website has been hacked by a suspected Romanian hacker known as TinKode.
03.11.10 - Portsmouth City Council rapped by ICO after untrained member of staff sent out wrong sensitive information in a subject access request
Portsmouth City Council mistakenly provided sensitive information about an individual when a request was made about another person.
03.11.10 - New claims made on the dangers of an insider threat and that key management needs to be considered
An insider threat challenge could be posed if encryption keys are held by someone who leaves the company.
03.11.10 - Google in 'significant breach' of UK data laws
There was a "significant breach" of the Data Protection Act when Google collected personal data via its Street View cars, the UK's Information Commissioner has ruled.
01.11.10 - UK emergency committee discusses air cargo security
The prime minister is chairing a meeting of the government's emergency planning committee Cobra, as calls grow for a full review of airport security.