The Consumers’ Foundation yesterday filed the nation’s first class-action lawsuit over contraventions of the Personal Information Protection Act (個人資料保護法) against Lion Travel Service Co (雄獅旅行社).
In May last year, an estimated 360,000 Lion Travel Service transactions were compromised following an alleged cyberattack that originated abroad, the foundation said, adding that the firm’s handling of information security was “manifestly negligent.”
Personal information obtained via the hack was then utilized by fraudsters to target at least 24 people, resulting in NT$3.16 million (US$107,784 at the current exchange rate) in financial losses, including one person who lost NT$680,000, it said.
Photo: Chen Yi-chia, Taipei Times
The hack compromised transaction records that included names, telephone numbers and products purchased by the company’s clients, it said.
The foundation said that it had negotiated with the firm to settle disputes on behalf of victims, but the travel agency was unwilling to pay compensation beyond issuing rebate certificates worth NT$2,000.
Lion Travel Service has said that it has no obligation to the victims, because there was no deliberate leak of personal data, and its firewall and certification systems meet the standards of due diligence, the foundation said.
The foundation’s class-action lawsuit asks for NT$3.64 million in compensation, including verified financial losses and NT$20,000 for the distress caused to each client whose private data was exposed, it said.
Lion Travel Service should have provided better data security in light of its high brand-name recognition and its profitability, the foundation said, adding that the firm last year reported annual revenue of NT$26.78 billion.
The nation’s status as an exporter of fraud is a national disgrace, and its cause is chronically and endemically poor data security practices, foundation chairman Yu Kai-hsiung (游開雄) said.
The act, passed in 1995, has not been followed in practice by the government or private entities, he said.
“Data security breaches have been reported at the Ministry of Foreign Affairs, the Taipei City Government and many private enterprises,” Yu said. “The nation’s personal data protection is weak and most consumers have become numb to the lack of information safety.”
“This situation should not exist and it is not normal,” Yu said, adding that corporations frequently shift the blame for the results of their bad practices onto hackers.
Lion Travel Service yesterday issued a statement saying that the leak of data was the result of a malicious attack on its systems by foreign hackers and that it has not intentionally compromised the personal information of its clients.
“The Consumers’ Foundation has failed to substantively investigate the data security practices of this company, and has made reckless accusations that we did not follow laws and regulations, which has harmed our reputation,” it said.
Additional reporting by Hsiao Yu-hsin
HONG KONG SECURITY: The president blasted regulations requiring Taiwanese agents or political organizations to provide information on their Hong Kong-related activities President Tsai Ing-wen (蔡英文) yesterday warned of countermeasures should controversial Chinese national security legislation imposed on Hong Kong undermine or harm Taiwanese interests. Article 43 of the legislation empowers the Hong Kong Special Administrative Region to serve written notices to Taiwanese political organizations or individual agents to furnish information on their Hong Kong-related activities, including their personal particulars, finances, assets, expenditure and capital in the territory. Failure to comply or providing false or incomplete information can result in a fine of HK$100,000 (US$12,903) or imprisonment of six months or two years respectively. Tsai said that Taiwan would keep a close watch on how
CAUTION: Taiwanese should be alert, even if they have just liked or shared posts that would breach Beijing’s national security legislation for Hong Kong, the council said Due to the newly implemented Hong Kong national security legislation, the Mainland Affairs Council (MAC) has drawn up a list of what it described as “high-risk groups,” cautioning them not to travel to Hong Kong. People who support independence for Taiwan, Hong Kong, Tibet and Xinjiang; those who are critical of the Chinese Communist Party (CCP), the Hong Kong government and the “one country, two systems” concept; and those who donated to or voiced support for the Hong Kong anti-extradition bill movement are urged to refrain from visiting Hong Kong, the council said on its Web site. It released two posts on
MORAL COURAGE: The Ministry of Foreign Affairs urged the global community to face China’s intention to subdue Taiwan and reject such irrational requests The Ministry of Foreign Affairs yesterday strongly condemned the Chinese government for meddling with US officials’ interactions with Taiwan after FBI Director Christopher Wray revealed China’s efforts to discourage US officials from visiting Taiwan. The greatest long-term threat to the US’ information security and intellectual property, as well as its economic vitality, is China’s counterintelligence and economic espionage operations, Wray told a video event at the Hudson Institute in Washington. Beijing is engaged in a highly sophisticated and maligning foreign influence campaign, with methods that include bribery, blackmail and covert deals, he said. Giving an example, Wray said that when a US official
CAUTION: Taiwan had zero cases of death from food poisoning for six years until last year, when two people died after eating wildlife, an FDA official said The Food and Drug Administration (FDA) yesterday urged the public not to eat wildlife or unidentified wild plants, as they could be fatal, with nearly 7,000 people affected by food poisoning last year, including two deaths due to wildlife consumption. The number of food poisoning incidents increased by nearly 50 percent last year, from 398 cases involving 4,616 people in the previous year to 503 cases involving 6,944 people, FDA data showed. That figure was the second-highest in history, the FDA said, adding that the highest number was recorded in 1997, with 7,235 people. Among the 503 cases, 87 were food poisoning clusters