BreachExchange mailing list archives
Two months after data breach, Lands Authority website remains offline
From: Destry Winant <destry () riskbasedsecurity com>
Date: Wed, 30 Jan 2019 00:56:39 -0600
https://www.timesofmalta.com/articles/view/20190129/local/two-months-after-data-breach-lands-authority-website-remains-offline.700056 The Lands Authority’s website remains offline two months after a data breach was exposed by Times of Malta, with clients forced to visit the regulator’s offices to settle even the smallest of issues. This newspaper reported in November that a massive security flaw had led to a large amount of personal data being dumped online. The flaw made data easily searchable through a search on engines such as Google. Times of Malta accessed more than 10 gigabytes of data, which included personal information such as scans of ID cards and e-mail correspondence. The website went offline within hours of the Times of Malta flagging the breach to the Information and Data Protection Commissioner who launched an investigation. A spokesman for the commissioner said the investigation into the data breach was “in its final stages”. “The commissioner will be issuing his decision, together with a press statement, in due course,” the spokesman said without elaborating. A spokesman for the Lands Authority reiterated that the watchdog was taking the “alleged incident very seriously, leaving no stone unturned, having engaged local and foreign experts in the field, subjecting the website and its applications to robust, in-depth testing and risk assessments”. “Tests are still ongoing. The Lands Authority is still very much actively communicating with the Information and Data Protection Commissioner and is taking on board forthcoming suggestions, direction and/or instructions,” he added. The breach was discovered just months after the general data protection regulation, a new EU-wide data protection law, came into force. It sets out a number of procedures and penalties in case of breaches, including fines of up to €20 million. Clients who made use of the Lands Authority website on a regular basis complained to this newspaper they must now go to the regulator’s offices to handle even the smallest of issues, including payment of outstanding rent bills. One client who spoke to Times of Malta on the condition of anonymity said he had an outstanding rent bill of a few euros to settle and was forced to go personally to the regulator’s offices in Valletta instead of simply paying it online. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Two months after data breach, Lands Authority website remains offline Destry Winant (Jan 30)