Education, Examples, Personal data and Security

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

Hunton Privacy

NOVEMBER 7, 2022

On November 2, 2022, the ICO issued to the UK Department for Education (“ DfE ”) a formal reprimand following an investigation into the sharing of personal data stored on the Learning Records Service (“ LRS ”), a database which provides a record of pupils’ qualifications that the DfE has overall responsibility for.

Education

Education Personal data Access IT

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data

Personal data Data breaches Data collection GDPR

CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children

Hunton Privacy

MARCH 30, 2021

The Draft Guidance also applies to all organizations that process children’s data, not just providers of Information Society Services (“ISS”), and has a broader scope than the ICO Age Appropriate Code, covering issues such as how to address security standards, handle data breaches and use biometrics.

Personal data

Personal data GDPR Risk Privacy

GDPR: How the definition of personal data has changed

IT Governance

APRIL 10, 2019

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data.

Personal data

Personal data GDPR Education Government

China Implements Regulation Increasing Protections for Children’s Personal Data

Data Matters

OCTOBER 15, 2019

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. In contrast with COPPA in the U.S., Consequences of the Regulation.

Personal data

Personal data Privacy Compliance Cybersecurity

Two FTC complaints that over-retention of personal data violates Section 5

Data Protection Report

FEBRUARY 13, 2024

In both cases, the FTC’s complaint alleged that the companies retained personal data for longer than was necessary, and that conduct violated Section 5 of the Federal Trade Commission Act as an unfair act or practice. Under the proposed consent orders, both companies do not confirm or deny the allegations. Complaint ¶10.)

Personal data

Personal data Privacy Marketing Data collection

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions

Thales Cloud Protection & Licensing

OCTOBER 17, 2023

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions madhav Wed, 10/18/2023 - 05:25 This month is Cyber Security Awareness Month , highlighting how far security education needs to go in order to enable a secure interconnected world. Data Sovereignty What is data sovereignty?

Security awareness

Security awareness Security Passwords Authentication

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. In the U.S.,

Data Privacy

Data Privacy Compliance Privacy Security

Top 5 Cloud security challenges, risks and threats

IT Governance

NOVEMBER 24, 2021

They provide a cost-effective way to store data; and with the rise in hybrid workforces, they deliver a reliable way for employees to access information remotely. But as is often the case with technological solutions, the benefits of convenience comes with security risks. Data breaches.

Cloud

Cloud Risk Security Data breaches

Connecticut Enacts Consumer Privacy Law

Hunton Privacy

MAY 10, 2022

On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring , after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.

Privacy

Privacy Personal data Sales B2B

Top cyber security tips for keeping kids safe online

IT Governance

APRIL 28, 2020

If you’re among the millions of people working from home while also trying to entertain and educate your kids during the coronavirus pandemic, we imagine things have been pretty chaotic. The Internet can be a dangerous place, which is why we talk so often about the importance of secure browsing. Watch out for phishing emails.

Security

Security Phishing Personal data Risk

Businesses to Assist NHS Test and Trace Efforts

Hunton Privacy

JUNE 25, 2020

Establishments and companies in the UK will therefore be responsible for the additional collection and potential sharing of customers’ personal data. Any entity engaging in this kind of data collection will need to comply with the requirements of data protection law.

Data collection

Data collection Personal data Compliance Retail

Catches of the Month: Phishing Scams for August 2023

IT Governance

AUGUST 7, 2023

Welcome to our August 2023 catches of the month feature, in which we explore the latest phishing scams and the tactics that cyber criminals use to trick people into handing over personal data. The pretext is also a quintessential example of phishing, as it creates a sense of shock and urgency.

Phishing

Phishing Passwords Education Personal data

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured. million files belonging to ICICI Bank. “The

Personal data

Personal data Phishing Risk Financial Services

What are you doing for Data Privacy Week?

IT Governance

JANUARY 24, 2022

Data privacy is a concept that governs our everyday lives. We’re asked to hand over our personal data for seemingly everything that we do – from browsing the web to high-street shopping. Although many of us are broadly aware of the risks involved when sharing our personal data, it often doesn’t get the attention it deserves.

Data Privacy

Data Privacy Privacy Personal data Passwords

What is Cyber Security Awareness and Why is it Important?

IT Governance

MAY 27, 2021

For all the talk of criminal hacking, ransomware infections and the technologies to prevent them, the key to protecting your organisation is cyber security awareness training. Indeed, according to Ponemon Institute’s Cost of a Data Breach Report 2020 , 23% of data breaches were caused by human error.

Security awareness

Security awareness IT Security GDPR

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Cyber criminals continued to wreak havoc, with the likes of Twitter , Uber and Neopets all reporting mammoth data breaches.

Security

Security Data breaches Ransomware Military

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

Particularly very popular is so-called brand phishing, which occurs when criminals impersonate the official website of a well-known brand of a public or private entity using a domain name, URL, logos and graphics similar to the original website: This is a real threat that can have heavy repercussions on user privacy and device security.

Phishing

Phishing Education Passwords Information Security

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

Data Protection Report

FEBRUARY 27, 2024

To further assist organisations with implementing practical measures to manage data flows between ASEAN and the EU, the ADGMIN updated the Joint MCC – SCC Guide to include an implementation guide (the Implementation Guide ).

Government

Government Personal data Compliance Risk

CIPL Releases Paper on Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age

Hunton Privacy

DECEMBER 14, 2023

The paper explores how organizations are approaching privacy-enhancing technologies (“PETs”) and how PETs can advance data protection principles, and provides examples of how specific types of PETs work. It also explores potential challenges to the use of PETs and possible solutions to those challenges.

Paper

Paper Privacy Data Privacy Education

Catches of the Month: Phishing Scams for October 2022

IT Governance

OCTOBER 10, 2022

Welcome to our October 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. Revolut was recently targeted by a cyber criminal, who gained unauthorised access to clients’ personal data. Source: Graham Cluley.

Phishing

Phishing Passwords Personal data Data breaches

‘Mother of All Breaches’: 26 BILLION Records Leaked

IT Governance

JANUARY 24, 2024

Expert insight from Leon Teale into the implications of this historic data breach The security researcher Bob Diachenko and investigators from Cybernews have discovered an open instance with more than 26 billion data records, mostly compiled from previous breaches – although it likely also includes new data.

Passwords

Passwords Data breaches Encryption Risk

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

Phishers also use to share stolen personal data with their subscribers. A package containing features such as 3-D Secure support and support for configuring a phishing website, may cost up to $300. User personal data for sale. Crooks offers data collected through phishing campaign to the subscribers.

Phishing

Phishing Sales Archiving Personal data

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Uniform Personal Data Protection Act.

Data breaches

Data breaches Privacy Personal data Data Privacy

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

Threats to your data are virtually everywhere these days, and too often, data compromises seem almost inevitable. But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats. Data breaches can be disastrous for organizations.

Security

Security Data breaches Data Privacy Compliance

Sky.com servers exposed via misconfiguration

Security Affairs

OCTOBER 9, 2021

This is presumably intended to help security researchers vetted by the search engine’s staff to secure the exposed devices and files indexed on the service. To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records.

IoT

IoT Access Ransomware Education

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

MARCH 8, 2021

consumers a smidgen more control over their personal data while online. I asked Elizabeth Rogers, a privacy and data security partner at the law firm of Michael Best & Friedrich , about this. Roger is formerly Chief Privacy Officer for the state of Texas, the first person to hold that post.

Privacy

Privacy Personal data Manufacturing Data Privacy

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2022

But negative blowback from major breaches in the 2000s, fines imposed by regulators, and strict cyber security mandates such as PCI-DSS, helped retailers dramatically improve cyber security and slow down the wave of attacks. Despite the above findings, retailers are pretty serious about the security of their businesses.

Retail

Retail Cybersecurity Ransomware Authentication

Catches of the Month: Phishing Scams for January 2023

IT Governance

JANUARY 11, 2023

Welcome to our January 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we delve into a scam that attempts to trick cyber security professionals and look at a new banking trojan that has experts worried.

Phishing

Phishing Education Access Personal data

Catches of the Month: Phishing Scams for May 2023

IT Governance

MAY 10, 2023

Welcome to our May 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. Research from the cyber security firm Check Point discovered 13,295 newly registered domains imitating OpenAI and ChatGPT. Can you spot a scam?

Phishing

Phishing Honeypots Education Information Security

Singapore Personal Data Protection Commission Publishes Two Advisory Guidelines and Anticipates Promulgation of PDPA Regulations

Hunton Privacy

MAY 20, 2014

On May 16, 2014, the Singapore Personal Data Protection Commission (the “Commission”) published advisory guidelines for the implementation of its Personal Data Protection Act (the “PDPA”) for two industry sectors. The guidelines discuss the use of anonymized and aggregated personal data and business contact information.

Personal data

Personal data Education Communications Government

UK: The return from home working presents its own cyber security risk – what is it and what should you be doing?

DLA Piper Privacy Matters

JUNE 1, 2020

This has given rise to a cyber security risk and there has been an inevitable vulnerability that comes with the rollout of remote working solutions and a dispersed workforce. The attention of businesses has therefore been focused on how best to allow that rollout to occur while maintaining the appropriate level of cyber security.

Risk

Risk IT Security Personal data

Catches of the Month: Phishing Scams for September 2022

IT Governance

SEPTEMBER 6, 2022

Welcome to our September 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. Twilio provided an example of one of the fraudulent text messages. Facebook Business/Ads users warned of sophisticated scam.

Phishing

Phishing Access Education Personal data

Catches of the Month: Phishing Scams for February 2023

IT Governance

FEBRUARY 7, 2023

Welcome to our February 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. However, cyber security experts are warning that another group – scammers – could also embrace the technology.

Phishing

Phishing Government Education Personal data

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Krebs on Security

JUNE 13, 2018

In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people , many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. I was willing to do the work and go to court.

Data breaches

Data breaches Personal data Privacy Libraries

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. These rights enable individuals to access the personal data organisations store on them and to challenge the way their information is used.

GDPR

GDPR Privacy Retail Personal data

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

The GDPR requires you to implement “appropriate technical and organisational measures” to ensure the security and privacy of the personal data your organisation processes. Educate and empower your employees to make better decisions. The categories of recipients to whom the personal data have been or will be disclosed.

GDPR

GDPR Compliance Personal data Access

Six eDiscovery Trends for 2024

eDiscovery Daily

JANUARY 10, 2024

Data Privacy Restrictions Will Increase With the growing awareness and importance of data privacy, governments and corporations will encounter more stringent regulations globally. The General Data Protection Regulation (GDPR) is an early example of this. This may be especially true for data that crosses national borders.

Blockchain

Blockchain Artificial Intelligence Cloud Compliance

5 things HR departments need to know about data protection

IT Governance

OCTOBER 7, 2019

HR plays a crucial role in an organisation’s GDPR (General Data Protection Regulation) compliance. The department is full of personal data, whether it’s of employees, their next of kin or candidates responding to job adverts. Let’s take a look at five issues that HR must address when handling personal data.

GDPR

GDPR Personal data Compliance Communications

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Data Matters

OCTOBER 21, 2021

For example, the UK strategy includes consideration of whether to drop Article 22’s restrictions on automated decision-making, and whether to maintain the UK’s current sectoral approach to AI regulation. Explore how privacy enhancing technologies can allow for more seamless data transfers worldwide.

Artificial Intelligence

Artificial Intelligence Government Paper IT

Catches of the Month: Phishing Scams for March 2023

IT Governance

MARCH 7, 2023

Welcome to our March 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. AI is widely used in many business processes, helping organisations analyse data and automate tasks. Cyber security is no exception.

Phishing

Phishing Artificial Intelligence Passwords Security

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data

Personal data GDPR Data Privacy Privacy

Analysing Data Breaches Caused by Human Error

IT Governance

DECEMBER 21, 2023

To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set , specifically looking into four data breach types caused by human error: Data emailed to incorrect recipient. Data posted or faxed to incorrect recipient. Failure to redact. Failure to use Bcc. This isn’t too surprising.

Data breaches

Data breaches Personal data Government GDPR

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

When are schools required to report personal data breaches?

Trending Sources

CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children

GDPR: How the definition of personal data has changed

China Implements Regulation Increasing Protections for Children’s Personal Data

Two FTC complaints that over-retention of personal data violates Section 5

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions

Security Compliance & Data Privacy Regulations

Top 5 Cloud security challenges, risks and threats

Connecticut Enacts Consumer Privacy Law

Top cyber security tips for keeping kids safe online

Businesses to Assist NHS Test and Trace Efforts

Catches of the Month: Phishing Scams for August 2023

Multinational ICICI Bank leaks passports and credit card numbers

What are you doing for Data Privacy Week?

What is Cyber Security Awareness and Why is it Important?

2022 Cyber Security Review of the Year

Catches of the Month: Phishing Scams for October 2023

Phishing, the campaigns that are targeting Italy

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

CIPL Releases Paper on Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age

Catches of the Month: Phishing Scams for October 2022

‘Mother of All Breaches’: 26 BILLION Records Leaked

Phishers migrate to Telegram

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data security: Why a proactive stance is best

Sky.com servers exposed via misconfiguration

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

Are Retailers Shopping for a Cybersecurity Breach?

Catches of the Month: Phishing Scams for January 2023

Catches of the Month: Phishing Scams for May 2023

Singapore Personal Data Protection Commission Publishes Two Advisory Guidelines and Anticipates Promulgation of PDPA Regulations

UK: The return from home working presents its own cyber security risk – what is it and what should you be doing?

Catches of the Month: Phishing Scams for September 2022

Catches of the Month: Phishing Scams for February 2023

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Does your use of CCTV comply with the GDPR?

7 steps to highly effective GDPR compliance

Six eDiscovery Trends for 2024

5 things HR departments need to know about data protection

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

Catches of the Month: Phishing Scams for March 2023

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Analysing Data Breaches Caused by Human Error

Stay Connected