article thumbnail

Catches of the Month: Phishing Scams for October 2023

IT Governance

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July. Can you spot a phishing scam?

Phishing 105
article thumbnail

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals. Employees, businesses, and individuals whose data were exposed could be at risk of spear phishing campaigns,” added researchers.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

article thumbnail

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

So, you are carrying out profiling if you collect and analyse personal data using algorithms or AI, make associations between habits and characteristics based on that data, and predict individuals’ behaviour based on the demographic or profile that you’ve assigned them. What is profiling under the GDPR?

GDPR 85
article thumbnail

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

DLA Piper Privacy Matters

Two-thirds of the GDPR fines issued by EU data protection authorities last year where from the DPC, illustrating a continued commitment to enforcement. This inquiry involves the processing of personal data in relation to biometric facial templates used in the department’s registration process.

article thumbnail

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Data breached: 2,632,275 people’s data. 204 of them are known to have had data exfiltrated, exposed or otherwise breached.

article thumbnail

Security Compliance & Data Privacy Regulations

eSecurity Planet

The GDPR provision that may keep IT security teams busiest is Article 32, which requires “a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing” of personal data. GDPR-style data privacy laws came to the U.S.