Archive for February, 2012

Personal Information is under threat from “social engineering”

This week has uncovered two more breaches of the Data Protection Act after action was taken by the Information Commissioner and the Serious and Organised Crime Agency (SOCA) against individuals who used social engineering for profit. The more criminal of the two cases involved “private detectives” blagging confidential information for their clients to use. SOCA defines […]

PCI SSC announces formal training in Europe (London)

The Payment Card Industry Security Standards Council (PCI SSC) has announced three formal courses in London. The three courses are: Qualified Security Assessor (QSA) Training The PCI Security Standards Council operates an in-depth program for security companies seeking to become Qualified Security Assessors (QSAs), and to be re-certified each year. The five founding members of […]

Is the Information Commissioner having a purge on breaches?

It seems that the Information Commissioner’s Office is releasing, on a daily basis, details of organisations that have breached the Data Protection Act. Every day some employee has done something they should not have done (posted to the wrong place, not used the correct system, etc.), which means the common cause is human… The latest involves Cheshire […]

Another bad day for councils but this time there were costs attached – £180,000!

Today the Information Commissioner’s Office has notified two councils of monetary fines for breaching the Data Protection Act. Croydon Council has been handed a penalty of £100,000; Norfolk County Council has been served with an £80,000 penalty. Croydon Council: The Croydon Council breach was the result of an unlocked bag belonging to a social worker being […]

Bad day at the office for UK Councils as several breach the Data Protection Act

Today the Information Commissioner has notified five councils after they breached the Data Protection Act. Information Commissioner, Christopher Graham said: “At a time when councils are increasingly working with community partners, when data is shared it is vital that they uphold their legal responsibilities under the Data Protection Act. Failures not only put local residents’ privacy […]

Report on Malware Activity for the last 6 months 2011 – M86

M86, a web and email security company, has released its review of the last 6 months of 2011. The report has some excellent screenshots of malicious attacks, particularly phishing and spam attacks. The screenshots should be shown to all school pupils and college students so they do not make the mistakes. Equally all organisations […]

PCI Security Standards Council invites payments community to input on PIN Transaction Security

The PCI Security Standards Council (PCI SSC) has announced the launch of a 30-day period to solicit feedback from PCI Participating Organizations on the next version of the PCI Hardware Security Module (HSM) security requirements. Hardware security modules (HSM) are non-cardholder facing devices used in connection with the protection of sensitive data, such as cardholder data (e.g. PINs), and the cryptographic […]

PayPal, Payments and PCI

Ingenico has announced a partnership with PayPal which will enable merchants with Ingenico POS devices to accept PayPal payment options, read the press release here. Ingenico and PayPal have each made statements on the relationship: “Today’s savvy shoppers want the option to choose how they pay for goods and are agile enough to easily switch between multi-shopping […]

E*Trade Securities Ltd falls foul of the ICO after losing customer records

In April 2010 E*Trade Securities Ltd discovered that 608 customer records were lost at a UK-based storage facility and, despite an investigation, were unable to recover the records. E*Trade Securities Ltd did not have a formal agreement to store the customer information securely and subsequently informed the Information Commissioner’s Office in December 2010. E*Trade Securities Ltd […]

Fortnum and Mason fail PCI DSS requirements after a phone call…

It was reported that Fortnum and Mason’s had a Payment Card Industry Data Security Standard (PCI DSS) issue resulting from an employee asking a customer to email their credit card details so that a dispute could be resolved. “We have now fully investigated the claim that a customer was asked for their credit card details via […]
