IT Governance

SEPTEMBER 7, 2023

This week, we discuss security issues at the Electoral Commission, Meta’s appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi. Transcript: Hello and welcome to the IT Governance podcast for Friday, 8 September 2023. The fines are due to continue until 3 November.

Government 115

Government IT Personal data GDPR 115

IT Governance

JULY 2, 2020

What is the GDPR? The Regulation came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. A quick overview.

GDPR 111

GDPR Personal data Data breaches Compliance 111

IT Governance

JULY 1, 2020

The only saving grace for the organisation – which didn’t do itself any favours by initially denying the story and threatening to sue people who reported on it – is that the leaked database comprised a list of records from past data breaches. Amtrak resets user passwords after Guest Rewards data breach (unknown).

Data breaches 140

Data breaches Ransomware Retail Personal data 140

IT Governance

NOVEMBER 12, 2020

Security experts working for Website Planet discovered that the Spanish software firm failed to password-protect an AWS S3 bucket that held the personal details of hotel guests dating back to 2013. The post Millions of Expedia and Booking.com customers at risk after data breach appeared first on IT Governance UK Blog.

Data breaches 105

Data breaches Risk GDPR Phishing 105

IT Governance

JUNE 27, 2019

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident. June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect.

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

IT Governance

NOVEMBER 27, 2018

Data Breach. JavaScript keylogger sees Vision Direct’s customer data stolen. Amazon’s data breach email looks like a phishing scam. Noida: Two leak legal firm’s data to former employee, held. ‘Appalling’ emergency services data breach to be investigated.

Data breaches 111

Data breaches Ransomware Phishing GDPR 111

IT Governance

AUGUST 21, 2018

Data breaches. What steps will the ICO (Information Commissioner’s Office) take to ensure organisations comply with the recently enforced GDPR (General Data Protection Regulation)? How will customers, suppliers and partners react to organisations that suffer a breach? What is the cost of a data breach?

Retail 66

Retail Data breaches GDPR Compliance 66

IT Governance

FEBRUARY 8, 2019

Mumsnet has disclosed a data breach that occurred during a software update between 5-7 February. Roberts confirmed that passwords weren’t affected, because the information is encrypted and isn’t listed on users’ account details. . It’s a common mistake that can have serious data protection implications. .

Data breaches 82

Data breaches Encryption Passwords Government 82

IT Governance

MAY 29, 2018

Remember when I said last month that “with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications”? Well, May’s list of incidents is very long, and the GDPR only came into effect at the end of the month. Data breach.

Data breaches 89

Data breaches GDPR Ransomware Passwords 89

IT Governance

MAY 7, 2024

Plus, a further 3,029,461 known records newly breached Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 395 GB.

Data breaches 59

Data breaches Education Manufacturing Retail 59

IT Governance

MARCH 26, 2020

One area you might not have considered is how to maintain compliance with the GDPR (General Data Protection Regulation) and UK DPA (Data Protection Act) 2018. Data protection law doesn’t prevent that, but you’ll need to consider the same kinds of security measures for homeworking that you’d use in normal circumstances.

GDPR 93

GDPR Compliance Phishing Risk 93

IT Governance

JUNE 29, 2018

This week, we discuss the apparent leak of 340 million data records, a vulnerability that exposed sensitive BetVictor data, a data breach affecting up to 40,000 Ticketmaster customers, and the number of GDPR complaints since 25 May. Hello and welcome to the IT Governance podcast for Friday, 29 June 2018.

GDPR 76

GDPR Passwords Data breaches Access 76

IT Governance

JULY 10, 2019

million for a massive data breach that it disclosed last year. The names and contact details of 383 million customers were compromised in the incident, along with millions of password numbers and payment card details. million for a breach it disclosed in September 2018. Marriott International is to be fined £99.2

Data breaches 60

Data breaches GDPR Passwords Access 60

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR 72

GDPR Privacy Personal data Passwords 72

IT Governance

FEBRUARY 28, 2019

This week, we discuss ICANN’s warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers’ responses to recent research into security flaws, and the European Data Protection Supervisor’s annual report for 2018. We often talk about the perils of password reuse.

Passwords 73

Passwords GDPR Retail Government 73

IT Governance

NOVEMBER 16, 2018

However, unlike other players in the travel industry that recently suffered breaches, such as BA and Cathay Pacific , Eurostar has emerged relatively unscathed. Reported the breach to the ICO (Information Commissioner’s Office) as required by the GDPR (General Data Protection Regulation). What did Eurostar do differently?

Data breaches 106

Data breaches Passwords GDPR Access 106

eSecurity Planet

JANUARY 30, 2024

Availability & Reliability Cloud storage service outages affect business operations and hinder access to crucial data. Downtime limits incident response, increases the risk of data breaches, and can be used as leverage for DDoS attacks. Examples include GDPR in Europe, HIPAA in healthcare, and PCI DSS for payment card data.

Cloud 124

Cloud Risk Security Encryption 124

IT Governance

MARCH 24, 2022

That figure might not come as a surprise, given the growing awareness of data privacy. There are regular news stories of data breaches, while the GDPR (General Data Protection Regulation) has changed the way organisations handle personal data. The lack of data breaches isn’t purely good fortune, though.

Data Privacy 98

Data Privacy Privacy Data breaches GDPR 98

IT Governance

JANUARY 25, 2023

Data Protection Day is celebrated on 28 January, the anniversary of the Council of Europe’s data protection convention being opened for signature. Let’s take a look at some of the ways you can mark the day, and the ways you can be more informed about data protection? The post What Are You Doing for Data Protection Day?

Personal data 114

Personal data Passwords Data Privacy Privacy 114

IT Governance

JUNE 8, 2018

This week, we discuss the compromise of 92 million MyHeritage users’ credentials, “unauthorised activity” at PageUp, a missing memory stick at Rochester Grammar School, and the first couple of weeks of the GDPR. Hello and welcome to the IT Governance podcast for Friday, 8 June 2018. Here are this week’s stories.

GDPR 66

GDPR Passwords Authentication Information Security 66

Security Affairs

FEBRUARY 8, 2024

Phishing Attacks: Phishing is the top cyber attack, causing 90% of data breaches. Data Breach Costs: The average global cost of a data breach in 2023 was $4.45 As a precaution, they revoked all security certificates and passwords for their web portal. Ransomware Attacks: In 2023, a whopping 72.7%

Security 115

Security Phishing IoT Ransomware 115

Troy Hunt

DECEMBER 3, 2023

” Anyone can type in an email address into the site to check if their personal data has been compromised in a security breach. Inevitably, "because data breaches", and it's nuts just how much exposure this project has had because of them. Or the UK's NCA to be feeding data in.

Data breaches 145

Data breaches Passwords Sales IT 145

eSecurity Planet

APRIL 9, 2024

This framework guarantees that appropriate authentication measures, encryption techniques, data retention policies, and backup procedures are in place. Common threats include misconfigurations, cross-site scripting attacks, and data breaches. Security breaches have a lower impact when they are detected and responded to on time.

Security 105

Security Compliance Cybersecurity Communications 105

IT Governance

DECEMBER 9, 2020

This attack uses a password-guessing program to break into systems. For example, if you’re concerned about brute-force attacks, you should create a policy ensuring that employees use strong, complex passwords. Review your GDPR compliance practices. However, it’s just as important to look at data privacy.

Security 111

Security GDPR Phishing Data breaches 111

IT Governance

OCTOBER 26, 2018

Hong Kong-based airline Cathay Pacific has announced a major data breach affecting up to 9.4 The breach also affects Cathay’s regional airline, Cathay Dragon. What data has been compromised? The breach exposed a broad selection of data, including: names. Containing the breach. nationalities.

Data breaches 81

Data breaches Personal data Passwords GDPR 81

IT Governance

JANUARY 10, 2022

The cyber security landscape offered similarly familiar topics: there were huge data breaches at Facebook and LinkedIn, while the threat of ransomware reached catastrophic levels. You can see more incidents from January in our list of data breaches and cyber attacks.

Security 115

Security Data breaches Ransomware Phishing 115

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

IT Governance

NOVEMBER 19, 2018

The hotel group has confirmed that no payment card information, passwords or travel history were accessed. However, the following data was compromised: Member names. Although Radisson has contacted those affected, it hasn’t revealed how many of its members had their details compromised, or the source of the breach.

GDPR 93

GDPR Phishing Passwords Data breaches 93

IT Governance

MARCH 14, 2019

In our last ever podcast, we discuss Citrix’s data breach, the GDPR and cookie walls, data breach notification, and Patch Tuesday. Hello and welcome to the IT Governance podcast for Thursday, 7 March 2019. Obviously, I can’t end this podcast without mentioning the EU GDPR again.

GDPR 82

GDPR Data breaches Personal data Passwords 82

IT Governance

NOVEMBER 24, 2021

Data breaches. Some people mistakenly believe that storing information in the Cloud removes the risk of data breaches. Indeed, a Gartner study found that 95% of Cloud breaches are the result of the result of misconfigurations. This means you could end up with large volumes of data sitting in folders unnecessarily.

Cloud 133

Cloud Risk Security Data breaches 133

IT Governance

JUNE 1, 2018

This week, we discuss the sentencing of one of the perpetrators of the 2013 Yahoo breach, a new type of denial-of-service attack that can crash computers just using sound and how not to email your customers. Hello and welcome to the IT Governance podcast for Friday, 1 June 2018. Here are this week’s stories. Acting U.S.

GDPR 67

GDPR Compliance Computer and Electronics Data breaches 67

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR 79

GDPR Privacy Sales Data breaches 79

IT Governance

MAY 27, 2021

Indeed, according to Ponemon Institute’s Cost of a Data Breach Report 2020 , 23% of data breaches were caused by human error. They represent the business, deal with customers and handle sensitive data. Meanwhile, depending on the nature of the data breach , you could suffer various forms of disruption.

Security awareness 119

Security awareness IT Security GDPR 119

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. GB database includes names, email addresses, phone numbers and passwords.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

eSecurity Planet

MAY 24, 2024

To improve security and prevent unwanted access, best practices include limiting access to authorized users, enforcing strong password restrictions, and utilizing multi-factor authentication (MFA). Secure your storage methods: Encrypt and hash passwords and other authentication data to ensure their security.

Cloud 117

Cloud Security Compliance Encryption 117

IT Governance

DECEMBER 23, 2020

With COVID-19 under control, the UK government announced that lockdown measures would be eased from 4 July, with pubs, cafés, cinemas and museums allowed to reopen. Unfortunately, there was a hitch, with the government forced to scrap its original track and trace app, pushing the launch date back by months. million (about £2.9

Data breaches 97

Data breaches Ransomware Government GDPR 97