Data stolen in cyber attack on London local authority ‘has been published’

Criminals responsible for a cyber attack on Hackney Council’s  IT systems have now published some of the stolen data, according to the London borough. The council yesterday provided an update on the investigation into the October attack, which caused widespread disruption to public services. In a statement, it said some of the stolen data has […]

South Africa considers mandatory re-registration of five-year olds’ biometric data to tackle ID fraud

A proposed change to legislation in South Africa would require the re-registration of children’s biometric data with the government when they turn five. The Draft Official Identity Management Policy published last week by the Department of Home Affairs (DHA) suggests every South African child would be required to reregister their identities as well as their […]

Russia “likely” culprit in massive SolarWinds cyber attack, US government agencies say

A group of US federal agencies has laid the blame for the SolarWinds cyber attack at Russia’s door publicly for the first time. The Cyber Unified Coordination Group (UCG) said its investigations indicate that an Advanced Persistent Threat actor “likely Russian in origin” was responsible for most or all of the ongoing cyber compromises. It […]

Singapore police can obtain Covid contact-tracing data for criminal investigations, minister confirms

Singapore police are “empowered” to obtain COVID-19 data from TraceTogether to assist in criminal investigations, a government minister told parliament. Desmond Tan, the Minister of State for Home Affairs, said yesterday that the country’s  Criminal Procedure Code allows police to use the data for investigations. This is despite the privacy notice for TraceTogether users stating  […]

Business Focus: PrivSec fundraising deals in November and December

A round-up of fundraising and business deals from the privacy, data protection and cybersecurity sectors in November and December 2020. 21st December: Privacy, security and data governance platform OneTrust announced a $300million Series C funding round, bringing the total amount of money raised by the company in the past 18 months to $710 million. TCV […]

What the Brexit trade agreement says about data protection, privacy and cybersecurity

We now have a trade agreement in place in time for the end of the Brexit transition period tonight. But what does the document say about data protection, privacy and cybersecurity? PrivSec Report pulls out the key points.   DATA PROTECTION AND PRIVACY The agreement makes it clear that as a general principle nothing in […]

ICO urges UK companies using SolarWinds Orion to check for data breaches

The Information Commissioner’s Office (ICO) has urged UK companies using SolarWind’s compromised platform Orion to determine if the personal data they hold has been affected by the cyber-attack. The ICO has released a statement urging all UK companies using Orion, an IT system management platform, to determine if hackers were able to access personal data […]

At-a-glance: Canada’s proposed new privacy law

Privacy legislation in Canada will expand data privacy obligations. PrivSec Report summarises the key changes in the bill in its current form. In November, Bill C-11 for the Digital Charter Implementation Act, 2020 was introduced to the House of Commons as part of Canada’s updated privacy legislation, which will enact the Consumer Privacy Protection Act […]