Data breaches, GDPR, Personal data and Retail - Information Management Today

The bright side of data privacy compliance: 5 value-driven opportunities for retailers

Thales Cloud Protection & Licensing

AUGUST 30, 2023

The bright side of data privacy compliance: 5 value-driven opportunities for retailers madhav Thu, 08/31/2023 - 05:20 Failing to keep up with data privacy legislations, such as General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) can harm a brand’s bottom-line and public reputation.

Retail

Retail Data Privacy Compliance Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

GDPR – the facts and what it means for the retail sector

IT Governance

JUNE 25, 2018

We all know by now that, on 25 May 2018, the General Data Protection Regulation (GDPR) came into effect. With all the noise, however, it’s possible that the key facts haven’t been heard clearly, especially by those in smaller businesses where there isn’t always a defined person to take the lead for IT.

Retail

Retail GDPR IT Compliance

70,000 affected in B&Q data breach

IT Governance

JANUARY 25, 2019

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. The breached database contained a list of people who had been caught stealing products from B&Q stores. How did it inform the data subjects that their data was being processed?

Data breaches

Data breaches GDPR Passwords Retail

List of data breaches and cyber attacks in June 2020 – 7 billion records breached

IT Governance

JULY 1, 2020

The only saving grace for the organisation – which didn’t do itself any favours by initially denying the story and threatening to sue people who reported on it – is that the leaked database comprised a list of records from past data breaches. Amtrak resets user passwords after Guest Rewards data breach (unknown).

Data breaches

Data breaches Ransomware Retail Personal data

Fortnum & Mason customers’ personal data exposed in breach

IT Governance

JULY 20, 2018

As the saying goes, you’re only as strong as your weakest link, which is as true for data security as any other situation. Unfortunately, world-famous retailer Fortnum & Mason was recently let down by a weak link – survey company Typeform – that exposed the personal data of 23,000 of its customers.

Personal data

Personal data Retail Data breaches GDPR

Selling and utilising personal data in an insolvency situation

Data Protection Report

JUNE 1, 2020

Many businesses are suffering serious financial difficulties as a result of COVID-19, particularly those in the retail, hospitality and tourism sectors. But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area.

Personal data

Personal data Sales Marketing GDPR

The GDPR: A year in review

IT Governance

MAY 23, 2019

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. To mark the anniversary, we gathered a panel of data protection experts to discuss the effect of the Regulation and the future of data protection. Compliance fatigue’.

GDPR

GDPR Data breaches Compliance Retail

The GDPR: Everything you need to know about data controllers and data processors

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. Responsibilities of the data processor.

GDPR

GDPR Retail Data collection Personal data

BA data breach: 565,000 customers may have been affected

IT Governance

NOVEMBER 12, 2018

In September, British Airways announced it had suffered a data breach that compromised the personal and financial data of more than 380,000 customers. The breach will be investigated under the GDPR, which could leave the airline facing an extremely hefty fine, in the hundreds of millions of pounds.

Data breaches

Data breaches GDPR Personal data Communications

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR

GDPR Personal data Data collection Marketing

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

Plus, a further 3,029,461 known records newly breached Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 395 GB.

Data breaches

Data breaches Education Manufacturing Retail

CCTV and the GDPR – an overview for small businesses

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. To comply with the data controller’s legal obligations.

GDPR

GDPR Personal data Privacy Access

Adidas data breach

IT Governance

JULY 12, 2018

On 28 June 2018, athletic apparel company Adidas announced that its US website had suffered a data breach , exposing online customers’ personal data. The breach was detected on 26 June. If you would like more information on how to do this, request a call with one of our retail experts.

Data breaches

Data breaches Retail Passwords Manufacturing

Consumer concerns over GDPR should set alarm bells ringing for businesses

Thales Cloud Protection & Licensing

NOVEMBER 16, 2017

Today, putting the letters ‘GDPR’ into Google will generate over 420,000 news articles, some detailing the expected impact of the regulation, and others casting doubt on businesses and their readiness. and Germany to get to grips with what they know about GDPR, and more importantly, what they don’t. A lack of trust. A lack of trust.

GDPR

GDPR Retail Data breaches Financial Services

When It Comes to a Data Breach, How Do You Want to Be Notified?

Thales Cloud Protection & Licensing

AUGUST 7, 2018

August is two-thirds of the way through year, and we have already seen a number of serious, far-reaching data breaches making headlines, some occurred in 2018, and some from 2017 that are now being disclosed. retail sector needs to come to terms with some bad news. retail sector needs to come to terms with some bad news.

Data breaches

Data breaches Retail IT Communications

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

Dixons Carphone: 5.9 million payment cards compromised

IT Governance

JUNE 13, 2018

Dixons Carphone has suffered a major data breach involving 5.9 million personal data records. At this point, the major consumer electronics retailer said there was no evidence of any fraud. This isn’t the first time that the retailer has suffered a data breach. In 2015, the personal data of 2.4

Retail

Retail GDPR Data breaches Compliance

Data controller vs data processor: what’s the difference?

IT Governance

AUGUST 19, 2020

The concept of data controllers and data processors has been around for years, but the roles come with clearly defined responsibilities under the GDPR (General Data Protection Regulation). In this blog, we take a close look at what a data controller and processor does and how they fit into your organisation.

GDPR

GDPR Personal data Compliance Privacy

Card Factory allowed customer photos to be exposed publicly

IT Governance

OCTOBER 19, 2018

If these could have been used to identify individuals, this would have constituted a personal data breach under the EU GDPR (General Data Protection Regulation). It has also contacted the Information Commissioner’s Office, which “confirmed that this was not a data breach and no personal data was compromised”.

Retail

Retail Data breaches Personal data GDPR

Heathrow Airport fined £120,000 for data breach

IT Governance

OCTOBER 9, 2018

The ICO (Information Commissioner’s Office) has fined Heathrow Airport £120,000 for failing to secure sensitive personal data after a member of public found an unencrypted USB stick containing data about the airport’s staff. How did the data breach occur? However, the ICO hasn’t confirmed this.

Data breaches

Data breaches Personal data Libraries Information Security

International Data Protection Day 2022

DLA Piper Privacy Matters

JANUARY 28, 2022

Looking back on 2021, the privacy and data protection landscape continues to evolve at pace. In Europe we saw the UK finally conclude Brexit and establishment of a separate data protection regime in the UK which will be governed by the UK GDPR. Data transfers to other countries remain a challenge. billion (USD1.2 / GBP0.9

GDPR

GDPR Privacy Data breaches Personal data

2019 end-of-year review part 2: July to December

IT Governance

DECEMBER 30, 2019

The second half of the year began with major data privacy news: the UK’s data protection authority, the ICO (Information Commissioner’s Office), announced its intention to fine British Airways and Marriott International a combined £282.6 million for breaching the GDPR (General Data Protection Regulation).

Data breaches

Data breaches Personal data GDPR Ransomware

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 Data breached: 41,500,000 records. They accessed 41.5

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Examples of data processing activities that require a DPIA

IT Governance

JUNE 19, 2019

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. Damage : the effects on the individual if a data breach or privacy violation occurs.

GDPR

GDPR Personal data Risk Data breaches

More than half of consumers would consider legal action if their data was compromised during a breach

Thales Cloud Protection & Licensing

NOVEMBER 26, 2018

Six months on from the legal implementation of the General Data Protection Regulation (GDPR), a third of consumers have admitted they still aren’t confident that the companies they interact with comply with the regulation. A quarter (25%) of people in both regions revealed that they could not explain the GDPR in any way.

GDPR

GDPR Data breaches Retail Manufacturing

Leicester City FC fans’ financial details stolen in cyber attack

IT Governance

JUNE 11, 2019

“Upon discovery of the breach, the security of our retail platform was immediately restored and appropriate measures were taken to ensure the security of all other online assets,” the statement read. The club has been in direct contact with all users that were potentially affected by this breach,” it added. A GDPR penalty?

GDPR

GDPR Personal data Data breaches Retail

Germany: New 35 million fine for breaching employee privacy

Data Protection Report

OCTOBER 5, 2020

On 1 October 2020, the State Commissioner for Data Protection and Freedom of Information (Landesbeauftragte für Datenschutz und Informationsfreiheit) of Hamburg (the DPA) imposed a fine of EUR 35.3 million under the GDPR against the German subsidiary of the fashion retailer H&M.

Privacy

Privacy Retail Data collection GDPR

Weekly podcast: Amazon, TalkTalk and City of York

IT Governance

NOVEMBER 22, 2018

This week, we discuss Amazon’s exposure of customer names and addresses, jail sentences for two TalkTalk hackers, and a data breach affecting a City of York rubbish app. Two Tamworth men have been jailed for their part in the 2015 cyber attack on TalkTalk that saw the personal information of 156,959 customers compromised.

Data breaches

Data breaches Personal data Passwords Encryption

Major data leak at Cathay Pacific

IT Governance

OCTOBER 26, 2018

Hong Kong-based airline Cathay Pacific has announced a major data breach affecting up to 9.4 The breach also affects Cathay’s regional airline, Cathay Dragon. What data has been compromised? The breach exposed a broad selection of data, including: names. Containing the breach. nationalities.

Data breaches

Data breaches Personal data Passwords GDPR

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Cyber criminals continued to wreak havoc, with the likes of Twitter , Uber and Neopets all reporting mammoth data breaches. In total, we have so far reported more than 1,000 data breaches in 2022, with almost half a billion breached records. million) fine for twelve breaches of the GDPR.

Security

Security Data breaches Ransomware Military

Getting #BreachReady: prepare for the worst, hope for the best

IT Governance

JULY 23, 2018

The EU GDPR (General Data Protection Regulation) is very much alive and kicking. Since its coming into force in May, the EU-wide GDPR has led to an increase in data breach reporting, as the requirement is for organisations to notify the ICO of a breach within 72 hours of becoming aware of it.

GDPR

GDPR Data breaches Phishing Risk

Self-Sovereign Identities, The Next Step in Privacy-First User Experience

Thales Cloud Protection & Licensing

MARCH 20, 2023

When privacy is at stake, SSI puts individuals back in control of their personal data. Moreover, it helps organizations to operate in an environment they trust and control to significantly reduce Know Your Customer (KYC) and GDPR costs and to more easily comply with regional privacy rules while improving user experience.

Privacy

Privacy Blockchain Customer Experience Access

How data breaches are affecting the retail industry

IT Governance

AUGUST 21, 2018

Data breaches. What steps will the ICO (Information Commissioner’s Office) take to ensure organisations comply with the recently enforced GDPR (General Data Protection Regulation)? How will customers, suppliers and partners react to organisations that suffer a breach? What is the cost of a data breach?

Retail

Retail Data breaches GDPR Compliance

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Read more below for a summary of what was included in the law that was passed yesterday.

Privacy

Privacy GDPR Personal data Risk

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Read more below for a summary of what was included in the law that was passed yesterday.

Privacy

Privacy GDPR Personal data Risk

Robot receptionists aren’t the answer: Why the hotel industry should rethink its approach to smart technology

IT Governance

APRIL 17, 2019

Data breaches hit the headlines practically every day , and privacy concerns, such as those at Facebook and Amazon , have caused customers to turn away from services or at least take a keener interest in the way organisations use their information. Focus on security. Security and privacy are huge issues.

IT

IT Data breaches Privacy Information Security

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales Cloud Protection & Licensing

JULY 11, 2019

Since the General Data Protection Regulation (GDPR) took effect on May 25th last year, data protection has become a very hot topic. On May 22, 2019, the European Commission published an infographic on compliance with and enforcement of the GDPR from May 2018 to May 2019 and it is clear that a lot of work still needs to be done.

GDPR

GDPR Compliance Risk Personal data

Dixons Carphone Cyberattack Targets 5.9M Bank Cards

Threatpost

JUNE 13, 2018

Dixons Carphone said it discovered a massive cyberattack on its processing systems that targeted millions of payment cards and personal data records.

Personal data

Personal data IT Retail Data breaches

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance

JANUARY 30, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is more than mere credentials, too – according to Cybernews, most of the exposed data is sensitive. Data breached: more than 26 billion records.

Data Privacy

Data Privacy Retail Privacy Manufacturing

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: more than 59 million data records. Data breached: 5 TB. Data breached: 4 TB. Akumin Inc.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. Right to Opt-Out. New Business Obligations.

Privacy

Privacy Sales Compliance Cybersecurity

PCI DSS: Lessons to learn from recent payment card breaches

IT Governance

SEPTEMBER 14, 2018

In this week’s blog, we examine some recent examples of payment card breaches to help you understand common problems that organisations run into and how you can avoid them. Further reading: Why you should be concerned about payment card data breaches. The cost of a payment card data breach. Dixons Carphone.

Data breaches

Data breaches Paper Retail Manufacturing

The bright side of data privacy compliance: 5 value-driven opportunities for retailers

How to implement the General Data Protection Regulation (GDPR)

Trending Sources

GDPR – the facts and what it means for the retail sector

70,000 affected in B&Q data breach

List of data breaches and cyber attacks in June 2020 ­– 7 billion records breached

Fortnum & Mason customers’ personal data exposed in breach

Selling and utilising personal data in an insolvency situation

The GDPR: A year in review

The GDPR: Everything you need to know about data controllers and data processors

BA data breach: 565,000 customers may have been affected

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

CCTV and the GDPR – an overview for small businesses

Adidas data breach

Consumer concerns over GDPR should set alarm bells ringing for businesses

When It Comes to a Data Breach, How Do You Want to Be Notified?

Data privacy examples

Dixons Carphone: 5.9 million payment cards compromised

Data controller vs data processor: what’s the difference?

Card Factory allowed customer photos to be exposed publicly

Heathrow Airport fined £120,000 for data breach

International Data Protection Day 2022

2019 end-of-year review part 2: July to December

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Examples of data processing activities that require a DPIA

More than half of consumers would consider legal action if their data was compromised during a breach

Leicester City FC fans’ financial details stolen in cyber attack

Germany: New 35 million fine for breaching employee privacy

Weekly podcast: Amazon, TalkTalk and City of York

Major data leak at Cathay Pacific

2022 Cyber Security Review of the Year

Getting #BreachReady: prepare for the worst, hope for the best

Self-Sovereign Identities, The Next Step in Privacy-First User Experience

How data breaches are affecting the retail industry

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Robot receptionists aren’t the answer: Why the hotel industry should rethink its approach to smart technology

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Dixons Carphone Cyberattack Targets 5.9M Bank Cards

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

PCI DSS: Lessons to learn from recent payment card breaches

Stay Connected

List of data breaches and cyber attacks in June 2020 – 7 billion records breached