UK launches first regional cyber-security scheme

The Cyber-security Information Sharing Partnership (CiSP), an online platform for East Midland  based companies, was launched this week. Cyber incidents can be anonymously or publically shared on  the CiSP to protect against cyber threats. This partnership between law enforcement and businesses  reflects the development of Regional Organised Crime Units across England and Wales and aims to  make the UK more resilient to cyber threats and a safer place to do business.

Personal data of 4.5 million patients stolen in Chinese cyber-attack

US hospital group, Community Health Systems Inc., has reported 4.5 million patients’ data stolen in  a cyber-attack by hackers   based in China. Information taken includes patient names, addresses,  birth dates, phone numbers and social security numbers and is the largest recorded attack of its  kind since 2009 according to data from the US Department of Health and Human Services.

Apple announces users’ personal data will be stored in China

Apple has announced that iCloud user data belonging to people in China will now be stored at China  Telecom’s data centres, triggering concerns about users’ privacy and the need to comply with  Chinese censorship laws. Other companies such as Google have so far avoided storing data in China  for these reasons. Apple has denied any potential security threat on the basis that “all data  stored with [their] providers is encrypted, China Telecom does not have access to the content.”

Supervalu reveals payment card breach

One of the largest grocery chains in the US has become the latest retailer to fall victim to a  cyber-attack. Customers’ personal information from 180 Supervalu affiliated stores such as account  names, numbers, and expiration dates have potentially  been stolen by hackers. Supervalu say there  is no evidence of any misuse of customer data so far. But they are offering complimentary consumer  identity protection to impacted customers for the next 12 months in an attempt to avoid the  backlash felt by Target Corp after its data breach last year.

Xiaomi investigated by Singapore’s Personal Data Protection Commission

One of the fastest growing smartphone companies, Xiaomi, is currently being investigated by the  Singapore Personal Data Protection Commission after a complaint sparking fears that the company was  disseminating users’ data without their consent. Individuals’ carrier name, phone number and IMEI  number was being transferred back to a server in Beijing. If   found guilty of breaching  Singapore’s Data Protection Act Xiaomi could be ordered to stop collecting data, destroy the data  or provide access to the data, and may face a fine of up to SGD 1 million (USD 800,000). Negative  publicity could have disastrous effects for this rapidly expanding company: Vietnamese consumers  have already been advised to beware of the Chinese- made handsets.

Germany proposes new cybersecurity law

Draft legislation imposing more stringent cybersecurity requirements on companies and agencies  responsible for critical infrastructure has been submitted by German Interior Minister Thomas de  Maiziere. Companies will be required to report any cyber-attacks to the Federal Office for  Information Security and will affect companies in “important areas” such as energy, information  technology and telecommunications, transport, health, water, food and financial services. The  proposal aims at making Germany a pioneer and example to other countries, providing the safest IT  systems worldwide. Critics, however, are concerned about the administrative costs for affected  companies.

Wearable tech is compromising our privacy

Wearable tech is one of the fastest growing industries in today’s market with products such as  smartwatches, smartglasses and rings for public transport payments. As companies rush to retail new  products (global sales have more than tripled in the last year) security and privacy considerations  are frequently being overlooked by both manufacturers and consumers. These gadgets collect very  personal data, including individuals’ sleep and exercise habits, but the lack of regulation within  this market makes consumers vulnerable: currently there is nothing to stop applications such as  FitBit from selling the data collected to third parties – such as health insurers – without the  users’ consent. Consumers are at risk of discovering their healthy intentions today lead to a “privacy nightmare” tomorrow.