ABC’s of privacy this week-March 26, 2020
- OAIC advises employers to meet privacy obligations amid COVID-19 epidemic
According to ZDNet, the Office of the Australian Information Commissioner has advised employers to handle personal information per the Privacy Act of 1988, even in a pandemic. The OAIC advised that the collection, use, and disclosure of personal details should be limited to necessary information for preventing or managing COVID-19.
- OPC issues COVID-19 guidance
The Office of the Privacy Commissioner of Canada has recently issued guidance for organizations to understand their responsibilities towards privacy law maintenance during the COVID-19 pandemic. The guidance gives a clear understanding of the obligations surrounding both the Privacy Act and the Personal Information Protection and Electronic Documents Act.
- Open cloud server exposes 200M user records
According to CyberNews, researchers have recently identified an unsecured Google Cloud database containing personal data of more than 200 million American citizens. The owner of the server is an unidentified party, and it contained full names, contact information, and even sensitive financial details. While the data was exposed for an unknown amount of time, it was deleted by an unknown party on March 3rd, 2020.
- Elastic research breach exposes 5B records
SC Media reports, an unsecured Keepnet Labs database has exposed more than 5 billion records with information about security incidents over the past seven years. The privacy gap was discovered by security researcher Bob Diachenko and contained passwords, email addresses, and other prominent data leaks.
- Rogers Communications announces customer info exposed in breach
According to Bleeping Computer reports, Rogers Communications has announced that customers’ personal information was exposed via an unprotected database. The data contained personal details like email addresses, names, telephone numbers, and account numbers. Credit card information, bank and account details were not exposed through the breach, according to Rogers.
- Breaches hit online guitar service, college
According to Infosecurity Magazine, unauthorized access of TrueFire’s computer system exposed confidential user payment information for 6 months. People who made purchases between 3rd August 2019 and 14th January 2020 had their account numbers, card number, security code, and card expiration date exposed.
- European Commission puts emphasis on encryption
According to Euractiv, the European Commission is enhancing security efforts by adopting end-to-end encryption app Signal for Communications which will be used “outside of critical or sensitive exchanges.” For more info:https://www.euractiv.com/section/digital/news/the-story-behind-the-commissions-new-emphasis-on-encryption/