June 11, 2015
Password protection is critically important for both users of online accounts and those who operate the accounts. An organisation has a responsibility to have a sufficiently rigorous password system to avoid random attacks. One option is 2 factor authentication. The Privacy Act does not specify the nature of the password protections that must be in place however, if the overseas experience is any guide, once a security breach is Read the rest of this entry »
Posted in Privacy
|
1 Comment »
June 9, 2015
With the passage of the metadata laws Australian telcos will be soon storing a huge amount of personal information belonging to Australians. It is a huge task and a massive potential risk if there is a data breach. There is also the potential honeypot effect, with hackers knowing that a very significant amount of information will know be stored by telcos. In that context it is concerning that iinet has reportedly suffered a data breach in iiNet alert over security breach. Interestingly the knowledge of the breach came about as a result of the hacker offering to sell personal information. That is more common than one might think. If Read the rest of this entry »
Posted in Privacy
|
1 Comment »
When Adobe suffered a data breach on 3 October 2013, or at least announced knowledge of a data breach, it was regarded as a totemic event. Since then there have been breaches which have pushed the Adobe breach into the more mundane category. It affected the accounts of hundreds of thousands of Australians. The data breach and notification by Adobe occurred Read the rest of this entry »
Posted in Commonwealth Privacy Commissioner, Privacy
|
1 Comment »