article thumbnail

EDPB Publishes Guidelines on Examples regarding Data Breach Notification

Hunton Privacy

On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The new draft Guidelines take into account supervisory authorities’ common experiences with data breaches since the GDPR became applicable in May 2018.

article thumbnail

What Is Data Minimisation? Definition & Examples

IT Governance

For example, if you’re processing the information to meet your legal obligations or contractual requirements, you can identify specific activities within those terms. Likewise, if you’re processing information to protect an individuals’ vital interests, you can ask yourself how each piece of data supports that activity.

GDPR 132
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The Data Breach "Personal Stash" Ecosystem

Troy Hunt

That's the analogy I often use to describe the data breach "personal stash" ecosystem, but with one key difference: if you trade a baseball card then you no longer have the original card, but if you trade a data breach which is merely a digital file, it replicates.

article thumbnail

Australian Privacy Regulator Sues in Data Breach Case

Hunton Privacy

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty ( i.e. , a fine) in connection with the company’s response to a data breach that occurred in February 2022.

article thumbnail

Inside the Massive Alleged AT&T Data Breach

Troy Hunt

This isn't unusual: "fresh" data has much greater commercial value and is often tightly held for a long period before being released into the public domain. The above example simply didn't have plain text entries for the encrypted data. It is undoubtedly in the hands of thousands of internet randos.

article thumbnail

CIPL Submits Response to the EDPB Guidelines on Examples Regarding Data Breach Notification

Hunton Privacy

On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”).

article thumbnail

When Efforts to Contain a Data Breach Backfire

Krebs on Security

That same month, they also sold data on 1.4 But this history was either overlooked or ignored by Group-IB , the Singapore-based cybersecurity firm apparently hired by Banorte to help respond to the data breach. “We ask you to remove this post containing Banorte data. .