North East Lincolnshire Council has been fined a monetary penalty of £80,000 (eighty thousand pounds) for failing to encrypt a USB stick that contained personal information about the physical or mental health of pupils and their teaching requirements as well as information about their home life.
On 1 July 2011 an unencrypted USB memory stick containing personal and sensitive personal data was lost on the data controller’s premises. A special educational needs teacher had been working with the information held on the USB stick while using a laptop that was connected to the data controller’s networked computer system.
When logging off the system and leaving the office for the day, the teacher forgot to remove the USB stick. When the teacher realised the mistake and tried to retrieve the USB stick, it was gone.
At about 3:25pm yesterday (Monday 23rd September 2013), Google Apps suffered some service issues. Clients were noticing issues sending or receiving emails.
Google estimated that this issue affected less than 0.024% of the GMail user base.
Their team provided updates constantly every hour and at 7PM they confirmed the issue was much more widespread than first thought, affecting 50% of GMail users.
At 3AM this morning (24th September), Google confirmed that the issue was resolved and provided this statement:
As of 1600 Pacific Time, Gmail message delivery and attachment download is functioning normally for all users. We apologize for the duration of today’s event; we’re aware that prompt email delivery is an important part of the Gmail experience, and today’s experience fell far short of our standards.
The Information Commissioner’s Office (ICO) has issued Glasgow City Council with a penalty of £150,000 following the loss of two unencrypted laptops, one of which contained the personal information of over 20,000 people.
The serious breach of the Data Protection Act comes after the council was previously issued with an enforcement notice three years ago, following a similar breach where an unencrypted memory stick containing personal data was lost.
In the latest incident, two unencrypted laptops were stolen from the council’s offices on 28 May last year. The laptops were stolen from premises which were being refurbished and where complaints of theft and a lack of security had been made. One laptop had been locked away in its storage drawer and the key placed in the drawer where the second laptop was kept, but the second drawer was subsequently left unlocked overnight, allowing the thief access to both laptops.
The support for Windows XP with Service Pack 3 ends 8th April 2014. If you’re running Windows XP with Service Pack 3 (SP3) after support ends, to ensure that you will receive all important security updates for Windows, you need to upgrade to a later version, such as Windows 7 or 8.
As if Apple weren’t embarrassed enough…
Some smart person has found a bug in iOS 6.1 which effectively renders the lock screen entirely useless. By doing a bit of this and a bit of that whilst the phone is in a locked state, any person that knows the simple process can make use of the bug in iOS to unlock the iPhone 5 in a matter of seconds.
As IT Consultants, we’re not going to give you the process for doing it. We want to make users of the iPhone 5 aware of this serious security flaw so that you can be extra vigilant with your iPhone until Apple get around to releasing a fix for this mess.
By sliding to unlock, doing a few other things, then pushing the sleep/wake button, the phone will unlock as if you’ve entered the pin code (and no, you don’t enter the pin code!).
The Information Commissioner’s Office has urged organisations to review their policies on how personal data is handled, after the Nursing and Midwifery Council was issued a £150,000 civil monetary penalty for breaching the Data Protection Act.
The council arranged for the DVDs, which contained confidential video files relating to alleged offences by a nurse as well information about two vulnerable children, to be couriered to a hearing in October 2011. Upon arrival it was found that the package didn’t contain the DVDs.
The council lost three DVDs related to a nurse’s misconduct hearing, which contained confidential personal information and evidence from two vulnerable children. An ICO investigation found the information was not encrypted. The DVDs are yet to be found.
David Smith, Deputy Commissioner and Director of Data Protection, said:
“It would be nice to think that data breaches of this type are rare, but we’re seeing incidents of personal data being mishandled again and again.
There is currently a massive increase in complaints from Skype users in relation to viruses. The newest and the one that seems to be infecting a lot of users at the moment is one that sends a message to the users with the text:
lol is this your new profile pic?
The users are asked to then click a link and are taken to a downloadable .ZIP file which will infect your computer.
Skype advise that all users update their Skype application and make sure they have up to date anti virus running at all times. More importantly, we advise users to be cautious. When you see links from friends, always be careful and check that they are genuine.
Emails that claim to be “Urgent” are highly likely to contain malware as attachments a new report reveals. FireEye released a report (view it here) that details a list of top words used in phishing emails (those are emails that pertain to be from various legitimate sources with the intent of infecting the machine or conning the user to give out important information).
The attackers mainly use zip files to hide their malware, ultimately aimed at gaining access to valuable corporate and intellectual data. It appears very few corporate establishments block these kinds of executables, which FireEye’s research confirms.
The report also shows a decrease in the use of ZIP files from last year (2011), a decrease in the use of standalone EXE executables, but an increase in PDF files.
Hackers have managed to install malware on to brand new factory built and sealed PCs. This brings a whole new meaning to the old term “All Your PCs are belong to us!”
Microsoft is warning that cybercriminal gangs have managed to get the Nitol bug and other dangerous malware software installed to one in five laptops and PCs checked by their investigators. To avoid any confusion, it should be noted that reputable vendors such as Dell, HP etc. are not affected by this.
The malware installed could give the criminals control of the computers, allowing them to watch every tap of the keyboard to steal personal information including your name, address, details of any holidays and credit card information – whether it’s going down an encrypted channel or not.
A Hertfordshire police website has been hacked, leading to the publication of what appear to be login details and passwords for dozens of officers and part of the police force’s website has been taken down as a “precaution” while investigations continue. Hertfordshire Police said information stored on an externally hosted database had been published on the internet.
The information which includes phone numbers and IP addresses, relates to a number of officers in Safer Neighbourhood Teams.
The Police force said in a statement:
“Hertfordshire Constabulary is currently investigating following the publication on the internet of information stored on a database linked to the public Safer Neighbourhoods pages of the external Constabulary website.
“As a precaution these pages have been temporarily disabled whilst the circumstances as to how this information was obtained is investigated.