BreachExchange mailing list archives
ACS:Law breach prompts ICO warning over data security
From: Christine Fulgham <christine () opensecurityfoundation org>
Date: Thu, 7 Oct 2010 12:19:56 -0400
http://www.zdnet.co.uk/news/security-threats/2010/09/29/acslaw-breach-prompts-ico-warning-over-data-security-40090320/?s_cid=938 By Ben Woods, ZDNet UK, On Tuesday, information commissioner Christopher Graham detailed the questions his office would be asking in its investigation of the leak<http://www.zdnet.co.uk/news/security-threats/2010/09/27/privacy-group-takes-on-acslaw-over-porn-data-breach-40090288/>, which could lead to a fine for ACS:Law of up to £500,000. His commentary on the matter came as further information about the security breach emerged, including the fact that online sharers of music, not just pornography, had their details exposed. "There is a simple privacy point here: companies hold our information and they have got to keep it secure<http://bugzilla.eu.cnet.co.uk/show_bug.cgi?id=23370>," Graham told the BBC <http://www.bbc.co.uk/news/technology-11425789>. "The question we'll be asking is: how secure was the information? How was it so easily accessed from outside? We'll be asking questions about the adequacy of encryption of information, the firewall, the technology, but also the training in the company and what all that information was doing so public facing and so easily accessed, if that is what has happened." Andrew Wyatt of software security firm Clearswift noted in a statement that "what's interesting about this particular investigation into data protection breaches is that the Information Commissioner has made it clear that even where a data breach is a result of a malicious cyberattack, this is not an adequate defence and serves as no excuse". [...]
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Take CREDANT Technologies short survey on cloud usage and security. Take the survey: http://www.surveymonkey.com/s/TXDR7WT Respond by October 12, 2010. Enter to win a $500(US) Amazon Gift Card.
Current thread:
- ACS:Law breach prompts ICO warning over data security Christine Fulgham (Oct 07)