IT Company Fined for Massive Data Breach of Voters Information

An IT firm responsible for a massive leak of voter data has been fined €65,000 for data breaches.

An administrative penalty against C-Planet IT Solutions Limited was issued by the Data Protection Commissioner Ian Defuara.

The IT company was hired by the Labour Party to manage a cache of information on around 337,000 voters in Malta.

The company had failed to notify the personal data breach to the data protection commissioner within the deadline stipulated by law. Nor had it informed victims of the breach that they had been affected.

What Information Was Exposed

During the data leak, information like name, addresses, ID card details, phone numbers and voting intentions were exposed.

Times of Malta had revealed how the database was an internal list of voters which Labour had codenamed ‘Local Area Network’.

Along with information taken from the confidential electoral register, the list included a field with entries of either ‘1’ or ‘2’ beside each voter.

The entry ‘1’ indicated that the voter is considered a Labour supporter, while ‘2’ indicated that the voter is inclined towards the Nationalist Party.

TheCISO

Website | + posts

• TheCISO

  https://cisotimes.com/author/theciso/

  FTI Consulting Study Reveals Significant Communications Gaps Between CISOs and C-Suites Despite Increased Focus on Cybersecurity
• TheCISO

  https://cisotimes.com/author/theciso/

  SEC Blames SIM Swapping and Lack of MFA for X Account Hijacking
• TheCISO

  https://cisotimes.com/author/theciso/

  FCC Expands Data Breach Notification Requirements
• TheCISO

  https://cisotimes.com/author/theciso/

  Breaking: Major Firms Hit by Alarming Ransomware Blitz!