UKFast security bulletin - April 2010
See all UKFast security bulletins
Tougher penalties for data breaches
This week sees tougher measures imposed for data breaches. With Google tackling Buzz's privacy issues and the Department of Justice's Inspector General emphasising the threat of identity theft, our feature story looks at the Information Commissioner's Office's newest powers of deterrence.
Also this month, Vietnam and China are identified as the latest source of hackers.
feature article
ICO warns of £500,000 fines
With Barnet Council the latest government body to misplace sensitive, unencrypted data, the Information Commissioner's Office's (ICO) new powers couldn't have arrived soon enough.
Aimed at preventing similar security breaches through 'deliberate or negligent' actions in the future, the ICO can now fine organisations who contravene the Data Protection Act up to £500,000. Compared to the previous maximum fine of £5,000, these tougher measures will be implemented alongside compulsory audit notices for central government departments found culpable of data breaches.
Information Commissioner Christopher Graham said, "Getting data protection right has never been more important than it is today. As citizens, we are increasingly asked to complete transactions online, with the state, banks and other organisations using huge databases to store our personal details.
"These penalties are designed to act as a deterrent and to promote compliance with the Data Protection Act. I remain committed to working with voluntary, public and private bodies to help them stick to the rules and comply with the Act. But I will not hesitate to use these tough new sanctions for the most serious cases where organisations disregard the law," he added.
All of the fines will go to the government's consolidated fund and not the ICO and will take into account the size and resources of the company as well as the severity of the breach. Early payment (within 28 days) will also be rewarded with a 20 per cent discount.
Other news
|
Vietnam Dismisses Google Hacking Claims The Vietnam government has this week denied any involvement with recent cyber attacks used to intimidate opponents of a large scale mining project in the country. |
1/3 think it's 'Acceptable to Pirate Software' Microsoft research has revealed that a third of people believe it is 'acceptable to pirate software', while 1 in 6 admitted to using illegal computer programs. |
|
|
China-Linked Hackers Attacked India Researchers in the US and Canada have tracked and documented a sophisticated cyber-espionage network based in China, dubbed Shadow, that targeted computers in several countries, including systems belonging to the Indian government and military. |
FBI, DOJ Identity Theft Programs Fall Short A new report from the DOJ's Office of the Inspector General says the government is making a big mistake by not making ID theft prevention and prosecution a top priority. |
|
|
Google Tinkers With Buzz Privacy Again If Google took a calculated risk when it launched Buzz earlier this year, hoping it would be worth a few privacy complaints to rapidly build a user base, it was likely one of the worst miscalculations the company has ever made. |
Fraudsters Can Easily Buy SSL Certificates Two university researchers discovered at a recent security conference that security companies often deal with governments that can compel certificate authorities to produce SSL security keys for them, which Betanews reported last week. |
Why not follow UKFast on Twitter and Facebook.
Best regards,
The UKFast team
$email_mem_acc_code