Canadian news organizations are reporting on a data breach of the personal information of government employees:
“A dysfunctional compensation system that's withholding paycheques from federal workers has also been breaching their privacy, CBC News has learned. Newly released documents show senior officials were warned as early as Jan. 18 that the new Phoenix system has a flaw that allows widespread access to employees' personnel records, including social insurance numbers.”
More here: http://www.cbc.ca/news/politics/privacy-phoenix-judy-foote-missing-paycheques-breach-1.3685866
Mark Bower, global director with HPE Data Security, commented: "Data privacy needs to be at the forefront of strategy in commissioning any new enterprise application processing sensitive data.
Indeed, ‘Privacy by Design’ has emerged as an essential best practice in meeting privacy compliance mandates. This embodies data-centric security to neutralize sensitive data in use, in motion, as well as at rest; software development lifecycle security and automated application vulnerability detection during release and operation.
With these strategies together in place, the risk of compromise by insider attack, malware or accident is vastly reduced, saving the embarrassing delays and consumer impact from data breaches and potentially costly post-breach remediation.”