In the order, the judge Mr Justice Arnold told Sky, Virgin Media, TalkTalk, O2 and Everything Everywhere to begin blocking access to The Pirate Bay.

A sixth ISP, BT, requested “a few more weeks” to consider their position on blocking the site.

Virgin Media said in a statement: “Virgin Media has received an order from the courts requiring it to prevent access to The Pirate Bay in order to help protect against copyright infringement.

“As a responsible ISP, Virgin Media complies with court orders addressed to the company but strongly believes that changing consumer behaviour to tackle copyright infringement also needs compelling legal alternatives, such as our agreement with Spotify, to give consumers access to great content at the right price.”

Mr Justice Arnold said in a written judgment in February: “In my judgment, the operators of [The Pirate Bay] do authorise its users’ infringing acts of copying and communication to the public. They go far beyond merely enabling or assisting.

“I conclude that both users and the operators of [The Pirate Bay] infringe the copyrights of the claimants … in the UK.”

The information included peoples’ names, addresses and dates of birth, as well as a limited amount of data relating to the individuals’ health. The charity – Enable Scotland (Leading the Way) – promptly reported the incident to the ICO in November 2011 and informed those individuals affected.

The ICO’s investigation found that the information should have been deleted from the memory sticks once it had been uploaded onto the charity’s server. The charity had no specific guidance for home workers on keeping personal data secure, and portable media devices used to store sensitive personal information were not routinely encrypted.

Ken Macdonald, Assistant Commissioner for Scotland said:

“Organisations that use memory sticks to store personal information must make sure the devices are properly protected. Encrypting the data means that the information will remain safe even if the device is later lost or stolen. It is also important that employers provide home workers with guidance on how to keep any personal data taken outside of the office secure, as this is potentially when the information is most vulnerable.

“We are pleased that Enable Scotland has taken action to keep people’s information safe, however this incident should act as a warning to all charities that they must ensure that personal information is handled correctly.”

Peter Scott, Chief Executive of Enable Scotland, has now signed an undertaking, committing the charity to improving its compliance with the Data Protection Act. This includes making sure laptops used to store sensitive personal data are encrypted. Hard copy files will only be removed from the office when absolutely necessary and will contain the minimum amount of personal data required. Guidance will also be provided to home workers, to ensure that any personal data taken outside of the office is kept secure.

Earlier this month, the online-collective Anonymous stated, via Twitter, that it possessed portions of the code in question and planned to release it in support of a class-action lawsuit filed by consumers – the suit claims Symantec employed scare tactics to encourage users to purchase its wares. If you have the company’s pcAnywhere solution deployed, Symantec suggests only using it for “business critical purposes,” as this software is “at increased risk.” Those looking to stay up-to-date on the breach and what Symantec is doing to ameliorate its effects can get the blow-by-blow from the source link below.

The security vendor said at the time that because the code is old, customers running Norton products today should not be in any increased danger of cyberattacks. However, the company admitted that users of pcAnywhere, which has not changed as much as the Norton products over the past few years, might face an increased risk because of the leak.

A patch for pcAnywhere 12.5 was released on Tuesday in order to address two security vulnerabilities that could lead to arbitrary code execution or privilege escalation. The flaws were reported privately to Symantec by security researchers Tal Seltzer and Edward Torkington.

Users of the social news site, Reddit.com, confirm this problem also happens with Tesco Mobile.

For O2 and Tesco customers browsing on a 3G connection, these headers also include their personal telephone number in an x-up-calling-line-id line. Enterprising website owners can easily keep a copy of the HTTP header information sent over by visiting browsers and tie it to IP addresses and logins, if applicable.

O2 commented on their Twitter feed:

@lewispeckover Hi Lewis. The mobile number in the HTML is linked to how the site determines that your browsing from a mobile device #O2Guru  (https://twitter.com/#!/O2/status/161872584634408960)

BT Business’ Twitter feed said the problem was fixed at 11.30 GMT, and advised users to restart their routers to get connected.

One user of TheRegister.co.uk posts:

Had this this morning.

At first, it was the ADSL Authentication failing on two ADSL2+ lines we have. That went away quite quickly, though, and has been replaced by a completely useless authenticated session that won’t shift traffic at all (literally, even a ping only hears silence). Both lines seem to be the same.

I switched us onto our emergency 3G stick which handles the traffic well for about a day before we hit limits, but the two business ADSL lines are still out of commission.

Shall I demonstrate how reliable BT are as a business provider?

My employers asked me to build a device that can automatically cut the power to the two routers we have, wait 30 seconds and restore power to them (and then restart networking scripts, etc.) at the order of a special text message (coincidentally to the same stick we use for emergency 3G access). It happens that often that our one-and-only VPN user actually “hard-reboots” the routers via text on a regular basis when his VPN software can’t connect.

Our two lines aren’t even stable enough to just run off one most of the time, I had to implement a very fancy failover / connection balancing system using a Linux router to get some sort of stability. Even then, about once a week the local exchange (50 yards away) decides to kill one or more of our sessions and we have to reconnect (via hard power off described above) for no visible reason.

Click here to see the post

The BT Broadband status page reads:

We have recently had a problem affecting Business IP addresses and it may be necessary to reboot your router.

Please power down your router & PC for a minimum of 30 seconds before reconnecting.

Once your router and PC have restarted, attempt to reconnect. We sincerely apologise for any inconvenience.

McAfee is promising to fix a vulnerability in its anti-malware service after it was alerted to a flaw that allows systems where the product was installed to be turned into spammers.

The spamming problem from this software resulted in major inconvenience for some McAfee customers, whose email was blocked after their IP addresses appeared on blacklists. McAfee’s forums show some of these customers complaining here and here.

In a blog post (here), McAfee said:

The patch will be released on January 18 or 19, as soon as we have finished testing. Because this is a managed product, all affected customers will automatically receive the patch when it is released.

McAfee says both the issues are restricted to SaaS for Total Protection and don’t affect any of its other products.

Virgin Media has said that services around the UK are now fully restored following a nationwide failure.

Virgin Media apologised to their customers for Tuesday’s blip and said that the issue had now been fully resolved.

The problems arise just as Virgin Media plans to increase speeds to most of its customers. Over the next 18 months, Virgin Media plans to double most of its customers internet speeds.

If you have still not been able to connect, please try powering down your Cable modem for five minutes and then start it back up and wait a few minutes for the connection to re-establish.

Praxis Care Limited breached both the UK Data Protection Act and the Isle of Man Data Protection Act by failing to keep peoples’ data secure. An unencrypted memory stick, containing personal information relating to 107 Isle of Man residents and 53 individuals from Northern Ireland, was lost on the Isle of Man in August 2011. Some of the information was sensitive and related to individuals’ care and mental health.

The device has not been recovered. However, Praxis has informed all affected individuals about the loss and no complaints have been received by the regulators.

The company has now committed to making sure that all portable devices used to store personal data are encrypted. Any personal information that is no longer needed will also be disposed of securely in line with the company’s updated data security guidance.

Christopher Graham, UK Information Commissioner, said:

“Carrying people’s personal information around on an unencrypted memory stick is clearly unacceptable. The fact that some of the personal details stored on the device were out of date and so surplus to requirements makes this breach all the more concerning.

“The ICO will continue to work closely with other data protection regulators where it is clear that a data breach extends across national boundaries.”

Iain McDonald, Isle of Man Data Protection Supervisor, said:

“Today’s joint action aims to send a clear message to organisations that a lax attitude to data security will not be tolerated by either the ODPS or the ICO. We will continue to work with regulators in other countries to ensure that our residents’ personal information is protected.”

The laptop was stolen from the home of Ruth Crawford QC in 2009 when she was away on holiday. It contained personal data relating to a number of individuals involved in eight court cases the advocate had been working on. This included some details relating to the physical and mental health of individuals involved in two of the cases. The device has not been recovered; however, most of the information compromised would already have been released as evidence in court papers.

The breach was only reported to the ICO on 30 August 2011 when the last case relating to information held on the laptop was concluded. The ICO’s enquiries found that, whilst Ms Crawford had some physical security measures in place at the time of the theft, she failed to ensure that either the device or the sensitive information stored on it was appropriately encrypted.

The QC has now agreed to put the necessary changes in place to ensure this type of incident does not happen again. This includes locking away any personal information stored at her home and following any future data protection guidance issued by the Faculty of Advocates or her stable.

Ken Macdonald, Assistant Commissioner for Scotland said:

The legal profession holds some of the most sensitive information available. It is therefore vital that adequate security measures are in place to keep information secure.

 

As this incident took place before the 6 April 2010 the ICO is unable to serve a financial penalty in this instance. But this case should act as a warning to other legal professionals that their failure to protect personal information is not just about potentially being served with a penalty of up to £500,000 – it could affect their careers too. If confidential information is made public, it could also jeopardise the important work they do in court.

The memory stick – which was lost in May and has not been recovered – included, in some cases, residents’ names and addresses, along with details of payments to and by the council. The device did not include any bank account details. The information had been put on a memory stick to compile the council’s financial accounts.

The ICO’s investigation found that the council’s data protection practices were insufficient – specifically that it failed to make sure that memory sticks provided to its staff were encrypted. The council also failed to provide employees with adequate data protection training. As well as requiring the council to put all of the changes in place by 31 March 2012, the ICO will follow up with the council to ensure that the agreed actions have been implemented.

Acting Head of Enforcement, Sally Anne Poole said:

“Storing the details of over 18,000 constituents on an unencrypted device is clearly unacceptable. This incident could have been easily avoided if adequate security measures had been in place. Luckily, the information stored on the device was not sensitive and much of it is publicly available. Therefore, the incident is unlikely to have caused substantial distress to local people.

“Our investigation uncovered a number of failings at Rochdale Metropolitan Borough Council – that’s why we will follow up with the council, to ensure they’re doing everything they can to prevent this type of incident happening again.”