Tuesday December 2, 2008 5:34 AM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."
on Shavlik Technologies to broaden its patch management offerings
by Werner K | Nov 26, 2008 8:36 PM
 
"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."
on Companies have security to consider with in-the-cloud Office
by SGE | Nov 25, 2008 3:29 PM
 
"how many users allow per session? because the digital persona password manager allows only 10 ..."
on DigitalPersona Pro Workstation/Pro Server
by Daniel | Nov 25, 2008 12:14 AM
 
"security through obscurity...shows how detached HIPAA is from reality."
on Privacy breaches causing business instability
by priceOfFishInChina | Nov 20, 2008 1:19 PM
 
"I have been the recipient of Agent.JEN.Trojan through an email suggesting a UPS parcel (including..."
on Trojan disguised as UPS delivery note
by Vincent Laing | Nov 13, 2008 4:01 PM
Cybercrime

Newcastle browned off by data breach

  • Email a Friend
  • Print Page
Newcastle browned off by data breach
Related Articles
By Paul Fisher
Aug 1, 2007 12:07 PM
Tags: Newcastle | browned | off | by | data | breach

Following reports in the Newcastle Evening Chronicle that a council computer blunder led to a serious breach of credit and debit card details on Tyneside, there have been fresh calls for data breach laws to be introduced into the UK

Police were called in after details of thousands of people’s cards were downloaded to an address traced to the Middle East.  According to the paper, millions of financial records held by Newcastle City Council have been accessed and up to 54,000 individual card holders have been affected.  t went on to say that information was placed in error on an open server site which could be accessed by outsiders instead of a secure network. The site was shut down as soon as the problem was discovered, it says.

“There is no better argument than this for the introduction of legislation to force organisations to tell customers when their private details have been exposed to a security breach, says Steve Hurn, CEO of database security company, Secerno. 

“54,000 card details have been exposed.  There is currently no legal requirement for the council to tell the holders of those cards.  And yet anything could have happened to them.”

According to Hurn, breaches like this shouldn’t happen in the first place. “Blaming human error is no longer good enough,” he says.  “Data should be protected from human error. The technology already exists to monitor and block any abnormal behaviour such as personal data being moved to the wrong place (in this case, a public site).

"We don’t know the scale of data security breaches in the UK because organisations try to hush them up.  But statements from the US-based Privacy Rights Clearing House suggest 100m records have been exposed during their two years of monitoring such events.” said Hurn in a statement.

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
Legal Whitepapers
 
Popular Tags
banks card cybergang data ebay fbi hackers hmrc identity loss moles party prevention price responsible rsa steal stolen symantec tmobile