GDPR, Phishing and Retail - Information Management Today

How FIDO 2 authentication can help achieve regulatory compliance

Thales Cloud Protection & Licensing

JUNE 24, 2021

The retail sector, especially, is a lucrative target for credential stuffing attacks , resulting in billions lost every year. One of the great benefits of FIDO2 is that it is not susceptible to phishing, man-in-the-middle and other attacks targeting user credentials. Compliance with GDPR and CCPA. Compliance with PSD2.

Authentication

Authentication Compliance GDPR Personal data

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

An online retailer always gets users’ explicit consent before sharing customer data with its partners. Far-reaching regulations like Europe’s GDPR levy steep fines on organizations that fail to safeguard sensitive information. A navigation app anonymizes activity data before analyzing it for travel trends.

Data Privacy

Data Privacy Privacy GDPR Personal data

Shopping safely over Black Friday and Cyber Monday

IT Governance

NOVEMBER 14, 2018

Black Friday and Cyber Monday are almost upon us, kickstarting what retailers hope will be a successful trading period. However, retailers offering both a physical and digital presence stand to gain the most, as the omnichannel approach is favoured by 69% of UK-based survey respondents.

Retail

Retail Personal data GDPR Risk

List of data breaches and cyber attacks in June 2020 – 7 billion records breached

IT Governance

JULY 1, 2020

University of Utah Health notifies patients of phishing attack (unknown). Phishing scam targets German coronavirus task force (100+). com impersonated in year-long phishing attack (unknown). Australian activewear retailer In Sport infected with ransomware (unknown). Data breaches.

Data breaches

Data breaches Ransomware Retail Personal data

Radisson Rewards programme breached

IT Governance

NOVEMBER 19, 2018

It also advised members to be aware of phishing emails: You should also be aware that third parties may claim to be Radisson Rewards and attempt to gather personal information by deception (known as ‘phishing’) […] Radisson Rewards will not ask for your password or user information to be provided in an e-mail.

GDPR

GDPR Phishing Passwords Data breaches

Getting #BreachReady: prepare for the worst, hope for the best

IT Governance

JULY 23, 2018

The EU GDPR (General Data Protection Regulation) is very much alive and kicking. Since its coming into force in May, the EU-wide GDPR has led to an increase in data breach reporting, as the requirement is for organisations to notify the ICO of a breach within 72 hours of becoming aware of it.

GDPR

GDPR Data breaches Phishing Risk

2019 end-of-year review part 2: July to December

IT Governance

DECEMBER 30, 2019

million for breaching the GDPR (General Data Protection Regulation). The NHS was criticised for signing a deal with Amazon that allowed patients to access their health information via its Alexa voice assistant – potentially granting the online retail giant access to vast amounts of sensitive personal data.

Data breaches

Data breaches Personal data GDPR Ransomware

E-learning: the effective way to train your team

IT Governance

JUNE 21, 2018

It is widely acknowledged that the retail and hospitality industries experience high staff turnover: frontline roles are often filled by temporary, young or part-time staff, the hours can be long and unsociable and the work can be physically demanding.

Retail

Retail Education Compliance GDPR

Germany: Bavarian Data Protection Authority announces possible fines after sobering result of website search

DLA Piper Privacy Matters

MARCH 21, 2019

The DPA reviewed cyber security and user tracking practices with the – “sobering” – finding that in the DPA’s view none of the 40 companies provided for GDPR-compliant practices on their websites. As a result, the DPA announced it is considering fines under the GDPR. Consequences and risk based recommendations.

GDPR

GDPR Personal data Risk Retail

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

The usual avenues such as email phishing , credential compromise, and exploitation of vulnerabilities will continue and even expand. Retailers have begun to launch digital goods available for purchase in virtual worlds. We already have the EU’s GDPR, which set a global precedent. End Users Are Still the Trouble Spot.

Security

Security Ransomware Cybersecurity Privacy

How data breaches are affecting the retail industry

IT Governance

AUGUST 21, 2018

What steps will the ICO (Information Commissioner’s Office) take to ensure organisations comply with the recently enforced GDPR (General Data Protection Regulation)? Fashion Nexus – a web development e-commerce company that works closely with a number of retailers – suffered a breach when the personal information of approximately 1.3

Retail

Retail Data breaches GDPR Compliance

Weekly podcast: Amazon, TalkTalk and City of York

IT Governance

NOVEMBER 22, 2018

According to The Register , the online retail giant emailed affected customers on Tuesday, unapologetically saying: Hello, We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. However, Amazon’s UK press office acknowledged that it was in fact genuine.

Data breaches

Data breaches Personal data Passwords Encryption

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Meanwhile, GDPR (General Data Protection Regulation) enforcement continues apace. million) fine for twelve breaches of the GDPR. All signs pointed to a senior employee being tricked by a spear phishing or whaling scam. Elsewhere in March, Meta – the parent company of Facebook – was handed a €17 million (about £14.2

Security

Security Data breaches Ransomware Military

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. See our in-depth look at RSA Archer. LogicManager. Back to top. Riskonnect.

Compliance

Compliance Risk Government Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. See our in-depth look at RSA Archer. LogicManager. Back to top. Riskonnect.

Compliance

Compliance Risk Government Retail

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

Source (New) Insurance USA Yes 105,387 Carter’s | Oshkosh Israel Source (New) Retail Israel Yes >100,000 SodaStream Source (New) Manufacturing Israel Yes >100,000 Amsellem & Weitz Source (New) Legal Israel Yes 100 GB Stanley Steemer International, Inc. Source (New) Retail USA Yes 2,469 Three GreatStar Industrial Co.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

Cloud, FL Source (Update) Public USA Yes 719,597 Regulator Marine Inc Source (New) Manufacturing USA Yes 630 GB Risas Dental and Braces Source 1 ; source 2 (New) Healthcare USA Yes 618,189 HUB International Source (New) Insurance USA Yes 514,477 Lee University Source 1 ; source 2 (New) Education USA Yes 387.49

Data Privacy

Data Privacy Privacy Manufacturing Security

A Practical Guide to Cyber Incident Response

IT Governance

MAY 24, 2024

If you’re a retailer, you’re going to see way more web traffic than usual. Take your pick: DoS Phishing Ransomware DNS poisoning Backdoor attacks Ultimately, a lot of them involve malware, but threat actors can deliver it in many different ways. Which means asking: Why are so many phishing emails coming through?

Risk

Risk Security Ransomware Phishing

Security Affairs newsletter Round 298

Security Affairs

JANUARY 24, 2021

Critical flaws in Orbit Fox WordPress plugin allows site takeover EMA said that hackers manipulated stolen documents before leaking them Security Affairs newsletter Round 297 500K+ records of C-level people from Capital Economics leaked online Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts German laptop retailer fined €10.4m (..)

Security

Security Retail Libraries GDPR

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Italian data protection authority notifies OpenAI of GDPR breaches Following last March’s temporary ban in the country, Italy’s data protection regulator, the Garante per la Protezione dei Dati Personali, has notified ChatGPT’s parent company, OpenAI, that it has identified several breaches of data protection law. “The

Data Privacy

Data Privacy Privacy Insurance Security

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

So the adversary starts to move their horse pipe and tries to find the the biggest reward the effort that they're going to put into these things and suddenly you start to move on to the next level, which is things like maybe social engineering or perhaps methods of coercing the user out of their authentication capabilities to phishing sites.

Passwords

Passwords Authentication Access Data breaches

Information Management Today