BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

ACS:Law breach prompts ICO warning over data security

From: Christine Fulgham <christine () opensecurityfoundation org>
Date: Thu, 7 Oct 2010 12:19:56 -0400
http://www.zdnet.co.uk/news/security-threats/2010/09/29/acslaw-breach-prompts-ico-warning-over-data-security-40090320/?s_cid=938
By Ben Woods, ZDNet UK,


On Tuesday, information commissioner Christopher Graham detailed the
questions his office would be asking in its investigation of the
leak<http://www.zdnet.co.uk/news/security-threats/2010/09/27/privacy-group-takes-on-acslaw-over-porn-data-breach-40090288/>,
which could lead to a fine for ACS:Law of up to £500,000. His commentary on
the matter came as further information about the security breach emerged,
including the fact that online sharers of music, not just pornography, had
their details exposed.

"There is a simple privacy point here: companies hold our information and they
have got to keep it
secure<http://bugzilla.eu.cnet.co.uk/show_bug.cgi?id=23370>,"
Graham told the BBC <http://www.bbc.co.uk/news/technology-11425789>. "The
question we'll be asking is: how secure was the information? How was it so
easily accessed from outside? We'll be asking questions about the adequacy
of encryption of information, the firewall, the technology, but also the
training in the company and what all that information was doing so public
facing and so easily accessed, if that is what has happened."

Andrew Wyatt of software security firm Clearswift noted in a statement that
"what's interesting about this particular investigation into data protection
breaches is that the Information Commissioner has made it clear that even
where a data breach is a result of a malicious cyberattack, this is not an
adequate defence and serves as no excuse".

[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Take CREDANT Technologies short survey on cloud usage and security.
Take the survey: http://www.surveymonkey.com/s/TXDR7WT
Respond by October 12, 2010.
Enter to win a $500(US) Amazon Gift Card.
Previous By Date Next
Previous By Thread Next

Current thread: