SAI Global GRC Community

GRC COMMUNITY
Building Organizational Integrity.
News >> Information Security

The United Kingdom Information Commissioner's Office (ICO) has announced that Racing Post has signed an undertaking (undated) to improve its electronic data security practices following the compromise of 677,335 accounts during a data breach in October 2013.

The United Kingdom Information Commissioner's Office (ICO) has announced that a bank employee responsible for investigating money laundering allegations has been fined after admitting to having read his colleagues' bank accounts.

PayPal has stated that it has "contained" a security issue made public by Australian school student Joshua Rogers, with the online payment processor maintaining that the vulnerability affected only "a small number of customers".

Published in Information Security

The United Kingdom Information Commissioner's Office (ICO) has announced that Thamesview Estate Agents (Thamesview) has signed an Undertaking (undated) after one of the company's outlets continued to dispose of papers containing customer personal information in transparent bags that were left on the street. According to ICO head of enforcement Stephen Eckersley, the information on the papers was clearly visible and included passport copies and previous tax payment details.

Published in Records Management

The American Bar Association (ABA) has made available the biographies (undated) of the panellists at its recent event The Evolution of Cybersecurity and Planning for Response, hosted by the association's cybersecurity legal task force.

The United Kingdom Information Commissioner's Office (ICO) has warned barristers and solicitors to keep files secure, following 15 data breaches related to the legal practitioners reported in the last three months. The ICO noted that "barristers and solicitors are generally classed as data controllers in their own right and are therefore legally responsible for the personal information they process".

Published in Information Security

The United Kingdom Information Commissioner's Office (ICO) has fined (21 July 2014) online travel services provider Think W3 £150,000 after a "serious breach" of the Data Protection Act 1998 c. 29 (UK) that "revealed thousands of people's details to a malicious hacker".

The United States Securities and Exchange Commission (SEC) has ordered (25 July 2014) alternative trading system (ATS) operator and Citigroup unit LavaFlow to pay a total of US$5 million to settle charges that it "fail[ed] to protect the confidential trading data of its subscribers".

The Office of the Australian Information Commissioner (OAIC) has made available a statement (21 July 2014) by privacy commissioner Timothy Pilgrim advising that the OAIC was recently informed by online retailer The Catch Group of a data breach that occurred in 2011.

Published in Information Security

The Office of the Australian Information Commissioner (OAIC) has announced that Pound Road Medical Centre has been found in breach of the Privacy Act 1988 No. 119 (Cth) by "failing to take reasonable steps to secure sensitive medical records".

Published in Records Management
Page 1 of 14

© 2013 SAI Global Limited ABN 67 050 611 642

Login

LOG IN

Register

User Registration
or Cancel