Found 12 bookmarks
Custom sorting
Pandora victime d’une cyberattaque… « seules des données courantes ont été copiées »
Pandora victime d’une cyberattaque… « seules des données courantes ont été copiées »
La série noire continue. C’est au tour de Pandora de prévenir ses clients d’une « violation de données personnelles ». La communication du joaillier danois est pour le moins surprenante puisqu’elle se dit victime « d'une attaque de cybersécurité » (sic). Quoi qu’il en soit, « certaines données clients ont été consultées via une plateforme tierce ». Pandora parle de « données courantes […] copiées par l'attaquant, à savoir votre nom, date de naissance, et adresse e-mail ». La société se veut rassurante : « aucun mot de passe, numéro de carte bancaire ou autre donnée confidentielle similaire n’a été concerné par cet incident ». Pandora affirme que, selon ses vérifications, « rien n’indique que ces données aient été partagées ou publiées ». La société rappelle que la protection de la vie privée est « une priorité absolue » et qu’elle prend cette « situation très au sérieux ». Ce qui ne l’empêche pas de se cacher derrière ses camarades, rappelant que ce type d’incident est « devenu malheureusement plus courant ces dernières années, en particulier chez les entreprises internationales ». Il est vrai que les fuites se multiplient, mais cela n’en fait pas une bonne raison d’être victime d’une cyberattaque, avec le vol de données personnelles. Le risque est toujours le même : « des tentatives d’hameçonnage (phishing) menées par des tiers se faisant passer pour Pandora » afin de récupérer davantage d’informations.
#next.ink#FR#2025#Pandora#Data-leak#data-breach#violation
·next.ink·
Pandora victime d’une cyberattaque… « seules des données courantes ont été copiées »
Thousands of Afghans relocated to UK under secret scheme after data leak
Thousands of Afghans relocated to UK under secret scheme after data leak
theguardian.com - Conservative government used superinjuction to hide error that put Afghans at risk and led to £2bn mitigation scheme. Thousands of Afghans relocated to UK under secret scheme after data leak Conservative government used superinjuction to hide error that put Afghans at risk and led to £2bn mitigation scheme What we know about the secret Afghan relocation scheme Afghan nationals: have you arrived in the UK under the Afghan Response Route? Dan Sabbagh and Emine Sinmaz Tue 15 Jul 2025 22.07 CEST Share Conservative ministers used an unprecedented superinjunction to suppress a data breach that led the UK government to offer relocation to 15,000 Afghans in a secret scheme with a potential cost of more than £2bn. The Afghan Response Route (ARR) was created in haste after it emerged that personal information about 18,700 Afghans who had applied to come to the UK had been leaked in error by a British defence official in early 2022. Panicked ministers and officials at the Ministry of Defence learned of the breach in August 2023 after data was posted to a Facebook group and applied to the high court for an injunction, the first sought by a British government – to prevent any further media disclosure. It was feared that publicity could put the lives of many thousands of Afghans at risk if the Taliban, who had control of the country after the western withdrawal in August 2021, were to become aware of the existence of the leaked list and to obtain it. The judge in the initial trial, Mr Justice Knowles, granted the application “contra mundum” – against the world – and ruled that its existence remain secret, resulting in a superinjunction which remained in place until lifted on Tuesday. The gagging order meant that both the data breach and the expensive mitigation scheme remained hidden despite its size and cost until the near two-year legal battle was brought to a close in the high court. At noon on Tuesday, the high court judge Mr Justice Chamberlain said it was time to end the superinjuction, which he said had the effect of concealing discussions about spending “the sort of money which makes a material difference to government spending plans and is normally the stuff of political debate”. A few minutes later, John Healey, the defence secretary, offered a “sincere apology” for the data breach. In a statement to the Commons, he said he had felt “deeply concerned about the lack of transparency” around the data breach and “deeply uncomfortable to be constrained from reporting to this house”.
#theguardian.com#EN#UK#2025#Ministry#data-breach#data-leak#Afghans#relocations
·theguardian.com·
Thousands of Afghans relocated to UK under secret scheme after data leak
Verisource Services Increases Data Breach Victim Count to 4 Million
Verisource Services Increases Data Breach Victim Count to 4 Million
Verisource Services, an employee benefits administration service provider, has determined that a previously announced data breach was far worse than initially thought and has affected up to 4 million individuals. The Houston, Texas-based company detected a hacking incident on February 28, 2024, that disrupted access to some of its systems. Third-party cybersecurity and incident response experts were engaged to investigate the incident and determine the nature and scope of the unauthorized activity. The forensic investigation confirmed hackers had access to its network and exfiltrated files on February 27, 2024. At the time of the initial announcement, Verisource Services said names, dates of birth, genders, and Social Security numbers had been stolen. The affected individuals included employees and dependents of clients who used its services, which include HR outsourcing, benefits enrollment, billing, and administrative services. The data breach was initially reported as affecting 1,382 individuals, but as the investigation progressed, it became clear that the breach was worse than initially thought. In August 2024, the data breach was reported to the HHS’ Office for Civil Rights (OCR) as involving the protected health information of 112,726 individuals. The most recent notification to the Maine Attorney General indicates up to 4 million individuals have been affected, a sizeable increase from previous estimates. The OCR breach portal still lists the incident as affecting 112,726 patients and plan members of its HIPAA-regulated entity clients, although that total may well be updated in the coming days. Verisource Services explained in the breach notice that the data review was not completed until April 17, 2025, almost 14 months after the security incident was detected. Verisource Services reported the security incident to the Federal Bureau of Investigation, and several additional security measures have been implemented to improve its security posture. Notification letters had previously been sent to some affected individuals; however, the bulk of the notification letters have only recently been mailed. Verisource Services said complimentary credit monitoring and identity theft protection services have been offered to the affected individuals, who will also be protected with a $1,000,000 identity theft insurance policy.
#hipaajournal#EN#2025#Verisource-Services#US#forensic#investigation#Data-Breach#Data-Leak
·hipaajournal.com·
Verisource Services Increases Data Breach Victim Count to 4 Million