IT Governance

JANUARY 25, 2019

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. The breached database contained a list of people who had been caught stealing products from B&Q stores. How did it inform the data subjects that their data was being processed?

Data breaches 111

Data breaches GDPR Passwords Retail 111

IT Governance

JULY 2, 2020

What is the GDPR? The Regulation came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. A quick overview.

GDPR 111

GDPR Personal data Data breaches Compliance 111

The Last Watchdog

AUGUST 19, 2021

It’s too early to assess compliance to data loss regulations. There is a patchwork of state regulations, along with GDPR, that T-Mobile has to navigate. Often inadvertent data breaches stem from a well-meaning employee trying to meet the needs of clients but without the technical systems to facilitate.

Data breaches 306

Data breaches Authentication Access Personal data 306

Security Affairs

MAY 11, 2020

During COVID-19 outbreak data processors have to be extra vigilant to maintain their compliance with data protection authorities like GDPR. It has imposed online learning and earning, which in turn has open new doors of cybersecurity threats and data breaches. COVID-19 Remote Working – GDPR Data Security Checklist.

GDPR 130

GDPR Security Compliance Encryption 130

Hunton Privacy

OCTOBER 29, 2018

Recently, the French Data Protection Authority (the “CNIL”) published a statistical review of personal data breaches during the first four months of the EU General Data Protection Regulation’s (“GDPR”) entry into application. Types of breaches. Cause of the breaches. View the review (in French). .

Data breaches 96

Data breaches GDPR Personal data Risk 96

DLA Piper Privacy Matters

NOVEMBER 22, 2018

The State Commissioner for Data Protection and Freedom of Information Baden-Wuerttemberg (LfDI) was the first German data protection authority to impose a fine under the GDPR. 32 (1) (a) GDPR (obligation to pseudonymise and encrypt personal data). 83 (4) (a) GDPR). 83 (4) (a) GDPR).

GDPR 97

GDPR Data breaches Personal data Passwords 97

IT Governance

JULY 1, 2020

The only saving grace for the organisation – which didn’t do itself any favours by initially denying the story and threatening to sue people who reported on it – is that the leaked database comprised a list of records from past data breaches. Amtrak resets user passwords after Guest Rewards data breach (unknown).

Data breaches 140

Data breaches Ransomware Retail Personal data 140

DLA Piper Privacy Matters

MAY 8, 2019

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The first GDPR fine issued in Italy. The fact of the case relating to the Rousseau platform.

GDPR 102

GDPR Systems administration Privacy Data breaches 102

IT Governance

NOVEMBER 12, 2020

Security experts working for Website Planet discovered that the Spanish software firm failed to password-protect an AWS S3 bucket that held the personal details of hotel guests dating back to 2013. The post Millions of Expedia and Booking.com customers at risk after data breach appeared first on IT Governance UK Blog.

Data breaches 105

Data breaches Risk GDPR Phishing 105

Security Affairs

NOVEMBER 24, 2018

The case is making the headlines, the German chat platform Knuddels.de (“Cuddles”) has been fined €20,000 for storing user passwords in plain text. In July hackers breached the systems of the company Knuddels and leaked online its data. when you log into the chat, you are currently asked to change your password. .

GDPR 83

GDPR Passwords Data breaches Personal data 83

Adam Levin

NOVEMBER 19, 2019

The first and last names, email addresses, and passwords of 452,634 players and 470 employees were exposed. No financial data was thought to have been compromised. “We data protection authorities in accordance with the EU’s GDPR data breach disclosure requirements, and emailed affected users.

Data breaches 58

Data breaches Passwords GDPR Access 58

IT Governance

JANUARY 16, 2018

According to Ponemon Institute’s 2017 Cost of Data Breach Study: United Kingdom , data breaches cost UK organisations an average of £2.48 When a data breach hits the headlines, we immediately think of the fine that the breached organisation may receive. billion records) than in the whole of 2016 (1.37

Data breaches 74

Data breaches GDPR Passwords Security 74

IT Governance

NOVEMBER 27, 2018

Data Breach. JavaScript keylogger sees Vision Direct’s customer data stolen. Amazon’s data breach email looks like a phishing scam. Noida: Two leak legal firm’s data to former employee, held. ‘Appalling’ emergency services data breach to be investigated.

Data breaches 111

Data breaches Ransomware Phishing GDPR 111

IT Governance

JUNE 27, 2019

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident. June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect.

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

IT Governance

SEPTEMBER 27, 2018

If you suffer a data breach, compliance with the EU GDPR (General Data Protection Regulation) will help lessen the impact. But what happens if you’re not GDPR compliant? Below we compare the different stages of a breach for #BreachReady and non-#BreachReady organisations. . You suffer a breach .

Data breaches 67

Data breaches GDPR Compliance Risk 67

IT Governance

APRIL 3, 2018

Last week it was confirmed that the personal details of approximately 150 million users of Under Armour’s MyFitnessPal app were compromised after criminal hackers acquired usernames, email addresses and hashed passwords. Fortunately, the majority of stolen passwords were hashed using the ‘bcrypt’ mechanism. What happened?

Data breaches 73

Data breaches Passwords GDPR Security 73

IT Governance

MAY 29, 2018

Remember when I said last month that “with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications”? Well, May’s list of incidents is very long, and the GDPR only came into effect at the end of the month. Data breach.

Data breaches 89

Data breaches GDPR Ransomware Passwords 89

Security Affairs

NOVEMBER 18, 2018

Instagram has suffered a serious security leak that might have exposed user’s passwords, revealed The Information website. Instagram notified some of its users that it might have accidentally exposed their password due to a security glitch. ” states a blog post published on The Information.

Passwords 103

Passwords Personal data Privacy Data Privacy 103

Security Affairs

OCTOBER 5, 2018

The sales intelligence firm Apollo is the last victim of a massive data breach that exposed more than 200 million contact records. Apollo collects a lot of its information from public sources, including names, email addresses, and company contact information, it also gathers data by scraping Twitter and LinkedIn.

Data breaches 87

Data breaches Sales GDPR Passwords 87

Adam Levin

NOVEMBER 27, 2018

Amazon was hit with a data breach just days before Black Friday and Cyber Monday, the biggest shopping time of the year. The major data breach exposed names and email addresses of customers due to a technical error on their website. It is unclear how European GDPR laws will affect Amazon’s response to the incident.

Data breaches 58

Data breaches Passwords GDPR Security 58

Security Affairs

JANUARY 28, 2019

After the discovery of hacking attempts, the French firm logged users out and forced a password reset procedure by including in the notification a link to change the password and re-gain access to the account. In 2016, Dailymotion suffered a massive data breach that exposed 87 million accounts. Pierluigi Paganini.

Passwords 64

Passwords Data breaches Archiving Sales 64

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR 73

GDPR Privacy Personal data Passwords 73

IT Governance

FEBRUARY 8, 2019

Mumsnet has disclosed a data breach that occurred during a software update between 5-7 February. Roberts confirmed that passwords weren’t affected, because the information is encrypted and isn’t listed on users’ account details. . It’s a common mistake that can have serious data protection implications. .

Data breaches 82

Data breaches Encryption Passwords Government 82

IT Governance

JULY 12, 2018

On 28 June 2018, athletic apparel company Adidas announced that its US website had suffered a data breach , exposing online customers’ personal data. The breach was detected on 26 June. Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted.”.

Data breaches 65

Data breaches Retail Passwords Manufacturing 65

IT Governance

JUNE 29, 2018

This week, we discuss the apparent leak of 340 million data records, a vulnerability that exposed sensitive BetVictor data, a data breach affecting up to 40,000 Ticketmaster customers, and the number of GDPR complaints since 25 May. usernames, passwords, URLs?—?is Here are this week’s stories.

GDPR 76

GDPR Passwords Data breaches Access 76

IT Governance

JULY 10, 2019

million for a massive data breach that it disclosed last year. The names and contact details of 383 million customers were compromised in the incident, along with millions of password numbers and payment card details. million for a breach it disclosed in September 2018. Marriott International is to be fined £99.2

Data breaches 60

Data breaches GDPR Passwords Access 60

IT Governance

MAY 7, 2024

Plus, a further 3,029,461 known records newly breached Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 395 GB.

Data breaches 59

Data breaches Education Manufacturing Retail 59

IT Governance

FEBRUARY 14, 2018

An investigation has been launched following a data breach at Coventry University in November 2017. The breach occurred after an email attachment containing confidential student information was sent to almost 2,000 students. It is only a few months before the General Data Protection Regulation (GDPR) is enforced.

Data breaches 60

Data breaches GDPR Personal data Information Security 60

IT Governance

MARCH 26, 2020

One area you might not have considered is how to maintain compliance with the GDPR (General Data Protection Regulation) and UK DPA (Data Protection Act) 2018. Data protection law doesn’t prevent that, but you’ll need to consider the same kinds of security measures for homeworking that you’d use in normal circumstances.

GDPR 93

GDPR Compliance Phishing Risk 93

Hunton Privacy

AUGUST 29, 2019

On August 21, 2019, the Belgian Data Protection Authority (the “Belgian DPA”) published a press release informing of its intention to further investigate a data breach that was notified by Adecco Belgium, a temporary employment agency.

Data breaches 45

Data breaches GDPR Personal data Passwords 45

Archive Document Data Storage

MAY 9, 2019

UK businesses face unprecedented levels of data security threats. How are you protecting your corporate data? Here are ten steps for reducing your data breach exposure: 1. You can’t protect your data without knowing where it’s stored. Locate your document and data storage repositories. Upgrade Passwords.

Data breaches 40

Data breaches Passwords Records Management Archiving 40

Troy Hunt

DECEMBER 21, 2017

In the first 4 parts of "Fixing Data Breaches", I highlighted education , data ownership and minimisation , the ease of disclosure and bug bounties as ways of addressing the problem. That was in November 2015, a mere 3 months after the Ashley Madison data breach. Are Organisations Actually Paying Attention?

Data breaches 51

Data breaches GDPR Education Personal data 51

HL Chronicle of Data Protection

NOVEMBER 23, 2018

In the first fine issued by a German data protection authority under the European General Data Protection Regulation (“GDPR”), on 21 November 2018 the authority of the German state of Baden-Württemberg (“LfDI”) imposed a fine of Euro 20,000 on a social media provider for a violation of its data security obligations under Art.

GDPR 40

GDPR Data breaches Passwords Personal data 40

IT Governance

JUNE 28, 2018

Users have also been advised to reset their passwords. On Saturday 23 June, Ticketmaster discovered that a malware infection on a third-party support product hosted by Inbenta Technologies was exfiltrating Ticketmaster customer data to an unknown third party. GDPR compliance checklist. Supply-chain security.

Data breaches 61

Data breaches GDPR Compliance Sales 61

IT Governance

FEBRUARY 28, 2019

This week, we discuss ICANN’s warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers’ responses to recent research into security flaws, and the European Data Protection Supervisor’s annual report for 2018. We often talk about the perils of password reuse.

Passwords 73

Passwords GDPR Retail Government 73

IT Governance

NOVEMBER 16, 2018

However, unlike other players in the travel industry that recently suffered breaches, such as BA and Cathay Pacific , Eurostar has emerged relatively unscathed. Reported the breach to the ICO (Information Commissioner’s Office) as required by the GDPR (General Data Protection Regulation). What did Eurostar do differently?

Data breaches 106

Data breaches Passwords GDPR Access 106

IT Governance

JUNE 8, 2018

This week, we discuss the compromise of 92 million MyHeritage users’ credentials, “unauthorised activity” at PageUp, a missing memory stick at Rochester Grammar School, and the first couple of weeks of the GDPR. No other data related to MyHeritage was found, and there was no evidence that the data in the file had been misused.

GDPR 66

GDPR Passwords Authentication Information Security 66