Thousands of Lloyds customers affected by RSA data box theft
The personal data of thousands of Lloyds Bank Premier Account customers has been lost following the theft of a data box from an RSA data centre. The breach only affects customers who had free Royal Sun Alliance (RSA) home insurance cover provided through their Premier Accounts between 2006 and 2012. The data does not yet appear to have been misused, but RSA is offering identity protection and the FCA and the ICO are both investigating.
Cyber extortion gang steps up attacks against financial services industry
According to net firm Akamai, the extortion gang DD4BC (which stands for "DDoS for Bitcoins") has been active since September 2014 and is also targeting media groups and gaming companies. The group routinely threatens to take firms' servers offline by launching DDoS attacks unless bitcoin ransoms are paid. It also blackmails companies by threatening to embarrass them on social media if payment is not made. DD4BC is thought to have conducted over 140 attacks in just 10 months.
EU-US data protection umbrella agreement finalised
The agreement, which has been under negotiation since March 2011, creates a framework for the protection of personal data transferred between the EU and the US for law enforcement purposes. EU Commissioner Vera Jourova promised that the agreement would ensure high-level protection for personal data used by the EU and US law enforcement agencies, including criminal records. The Umbrella Agreement will only be officially signed once the US Congress has approved the Judicial Redress Bill, which will give EU citizens privacy rights before the US courts.
Over 10 million records breached in hack on New York health insurer
Excellus BlueCross BlueShield, which discovered the attack on 5 August 2015 after hiring forensic experts, has announced that hackers first accessed its systems in December 2013 and "may have gained unauthorised access to individuals'...