IT Governance

JULY 1, 2020

Florence, AL, government hit by cyber attack (unknown). China launches cyber attacks on government websites and banks following India massacre (unknown). Cyber attack on Mid-Michigan College endangers personal data of staff and students (16,000). Australian government bombarded by cyber attacks (unknown).

Data breaches 140

Data breaches Ransomware Retail Personal data 140

Security Affairs

JUNE 16, 2023

The group published the following message on its leak site to clarify the theft of data from government agencies reported by some media: “ WE GOT A LOT OF EMAILS ABOUT GOVERNMENT DATA, WE DON’T HAVE ANY GOVERNMENT DATA AND ANYTHING DIRECTLY RESIDING ON EXPOSED AND BAD PROTECTED NOT ENCRYPTED FILE TRANSFER WE STILL DO THE POLITE THING AND DELETE ALL.

Ransomware 91

Ransomware Data breaches Retail Government 91

IT Governance

OCTOBER 19, 2018

If these could have been used to identify individuals, this would have constituted a personal data breach under the EU GDPR (General Data Protection Regulation). It has also contacted the Information Commissioner’s Office, which “confirmed that this was not a data breach and no personal data was compromised”.

Retail 65

Retail Data breaches Personal data GDPR 65

IT Governance

JULY 1, 2021

If you find yourself facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process. They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.

Data breaches 130

Data breaches Ransomware Computer and Electronics Retail 130

IT Governance

NOVEMBER 14, 2018

Black Friday and Cyber Monday are almost upon us, kickstarting what retailers hope will be a successful trading period. However, the flurry of purchases and the data that represents means cyber criminals will also be looking to cash in. The post Shopping safely over Black Friday and Cyber Monday appeared first on IT Governance Blog.

Retail 94

Retail Personal data GDPR Risk 94

IT Governance

AUGUST 19, 2020

In this blog, we take a close look at what a data controller and processor does and how they fit into your organisation. What is a data controller? A data controller determines the purposes for which an organisation collects and uses personal data. Are you a data controller or a data processor?

GDPR 95

GDPR Personal data Compliance Privacy 95

IT Governance

NOVEMBER 12, 2018

Not only does it affect the way organisations process personal data, but also extends data subjects rights in terms of how their data is processed. What is a data subject access request (DSAR)? Speak to an expert >> The post Subject Access Requests in Scotland: Do you know what data is held about you?

Access 91

Access GDPR Personal data Retail 91

IT Governance

JUNE 30, 2022

million) Brazilian retailer Fast Shop confirms cyber attack (unknown) ADM Associates announces security incident (unknown) Guardian Fueling Technologies has been hacked (unknown) Pape-Dawson Engineers, Inc. If you’re facing a cyber security disaster, IT Governance is here to help. In other news… WeLeakInfo.to

Data breaches 136

Data breaches Ransomware Personal data Blockchain 136

Krebs on Security

AUGUST 16, 2021

Like other mobile providers, T-Mobile is locked in a constant battle with scammers who target its own employees in SIM swapping attacks and other techniques to wrest control over employee accounts that can provide backdoor access to customer data. In at least one case , retail store employees were complicit in the account takeovers.

Data breaches 308

Data breaches Access Retail Sales 308

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR 80

GDPR Compliance Personal data Privacy 80

IT Governance

JUNE 1, 2022

If you’re facing a cyber security disaster, IT Governance is here to help. The post List of data breaches and cyber attacks in May 2022 – 49.8 million records breached appeared first on IT Governance UK Blog. State Bar of Georgia investigating cyber attack (unknown) US Department of Defense tricked into paying $23.5

Data breaches 126

Data breaches Ransomware Phishing Education 126

IT Governance

APRIL 2, 2020

Millions of Brazilians’ data leaked after being stored in unprotected database (81.5 Anonymous secret-sharing app Whisper exposed sensitive personal data (unknown). Dutch government loses two external hard drive containing personal data (6.9 Financial information.

Data breaches 143

Data breaches Ransomware Energy and Utilities Phishing 143

IT Governance

JANUARY 25, 2019

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. There’s nothing in GDPR that says those people suspected of criminal behaviour don’t have the same rights to the protection of their personal data as anyone else.”.

Data breaches 111

Data breaches GDPR Passwords Retail 111

Thales Cloud Protection & Licensing

JUNE 24, 2021

Businesses are governed by an increasingly complex network of regulations, jurisdictions, and standards which dictate security and privacy requirements. The retail sector, especially, is a lucrative target for credential stuffing attacks , resulting in billions lost every year. Thu, 06/24/2021 - 07:22.

Authentication 71

Authentication Compliance GDPR Personal data 71

Thales Cloud Protection & Licensing

NOVEMBER 15, 2023

The entire passenger process, from check-in to boarding, involves multiple stakeholders, including government regulators, airport management, airline personnel, and on-premise security teams, working together to maintain a robust and secure environment.

Cybersecurity 87

Cybersecurity Authentication Access Compliance 87

IT Governance

FEBRUARY 14, 2024

Data breached: >33,000,000 people’s data. Thailand’s Department of Older Persons breached, exposing almost 20 millio n personal data records The Department of Older Persons, part of Thailand’s Ministry of Social Development and Human Security, suffered a data breach in which 19,718,687 rows or personal data was exposed.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

IT Governance

NOVEMBER 14, 2018

A data processor is the organisation that does the legwork; it processes the information on the controller’s behalf. For example, a marketing executive at a retailer hires a company to conduct a survey on shoppers’ browsing habits. That’s not to say that the data processor is entirely at the whim of the data controller.

GDPR 107

GDPR Retail Data collection Personal data 107

Security Affairs

OCTOBER 9, 2020

The hacker who shared with the ISIS personal data of more than 1,300 U.S. government and military personnel will remain in a federal prison. Ardit Ferizi , aka Th3Dir3ctorY, is the hacker that supported the ISIS organization by handing over data for 1,351 US government and military personnel.

Military 87

Military Government Retail Risk 87

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. These rights enable individuals to access the personal data organisations store on them and to challenge the way their information is used. Clearly state why you are using CCTV.

GDPR 110

GDPR Privacy Retail Personal data 110

IT Governance

JANUARY 9, 2023

Here, you’ll find an overview of the cyber security landscape in 2022, including the total number of publicly disclosed security incidents, the number of compromised records and the sectors most susceptible to data breaches. IT Governance discovered 1,063 security incidents in 2022, which accounted for 480,014,323 breached records.

Data breaches 126

Data breaches Ransomware Government Passwords 126

IT Governance

DECEMBER 1, 2021

If you find yourself facing a cyber security disaster, IT Governance is here to help. The post List of data breaches and cyber attacks in November 2021 – 223.6 million records breached appeared first on IT Governance UK Blog. Financial information.

Data breaches 141

Data breaches Ransomware Computer and Electronics Healthcare 141

IT Governance

NOVEMBER 22, 2018

Hello and welcome to the IT Governance podcast for Friday, 23 November. Just days before Black Friday, Amazon suffered a data breach in which an undisclosed number of customers’ names and email addresses were accidentally exposed on its website. Here are this week’s stories. Allsopp was a willing participant in the crime.

Data breaches 96

Data breaches Personal data Passwords Encryption 96

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR 91

GDPR Personal data Data collection Marketing 91

IT Governance

DECEMBER 30, 2019

Although the GDPR prescribes a penalty regime of fines up to the greater of 4% of annual global turnover or €20 million (about £17 million), the scale of these first fines – and the extent to which the ICO clearly intends to crack down on organisations that fail to properly secure the personal data they process – took most organisations by surprise.

Data breaches 78

Data breaches Personal data GDPR Ransomware 78

Hunton Privacy

SEPTEMBER 19, 2016

On September 15, 2016, the New Jersey Senate unanimously approved a bill that seeks to limit retailers’ ability to collect and use personal data contained on consumers’ driver and non-driver identification cards.

Privacy 45

Privacy Retail Personal data Insurance 45

IT Governance

JANUARY 9, 2024

Source (New) Software Luxembourg Yes 3,600,000 National Automobile Dealers Association Source (New) Retail USA Yes 1,065,000 Consórcio Canopus Source (New) Professional services Brazil Yes 1,400,000 The Teaching Company (Wondrium by The Great Courses) Source (New) Education USA Yes 1.3 TB Gräbener Maschinentechnik GmbH & Co.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Data Protection Report

NOVEMBER 2, 2023

In 2017, Equifax Inc, suffered a cybersecurity breach, with hackers able to access the personal data of around 13.8 The breach included data held by Equifax Inc in connection with two of Equifax’s products.

GDPR 77

GDPR Risk Cybersecurity Compliance 77

IT Governance

DECEMBER 1, 2020

million) Phil i ppines COVID-19 track and trace app leaks citizens’ data (unknown) Contractor mistakenly removed data from Hong Kong’s Queen Mary Hospital (442) Cloud Clusters Inc. The post List of data breaches and cyber attacks in November 2020 – 586 million records breached appeared first on IT Governance UK Blog.

Data breaches 137

Data breaches Ransomware e-Discovery Personal data 137

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. However, the least prepared sector is retail and wholesale, with only 13% of organisations having started. The survey split respondents into businesses and charities.

GDPR 63

GDPR Compliance Insurance Personal data 63

IT Governance

JUNE 19, 2019

Systematic processing includes activities that are used to observe, monitor or control data subjects. Likewise, a retailer might use personal data collected about an individual to provide targeted ads. Large-scale’ refers to: A significant number of data subjects; A high volume of personal data; or.

GDPR 73

GDPR Personal data Risk Data breaches 73

IT Governance

NOVEMBER 28, 2023

9 million records breached through decade-long data leak A former temporary employee of a subsidiary of NTT West (Nippon Telegraph and Telephone West Corp) illegally accessed about 9 million personal data records over the course of a decade (2013 to 2023). Breached records: more than 56 million.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

Hunton Privacy

MARCH 8, 2017

Moreover, issues discovered after an M&A transaction has concluded can expose companies to massive liabilities such as expensive consumer class action litigation, intrusive government investigations, hefty remediation costs and other expenses.”. Read the full press release.

Privacy 45

Privacy Security Retail Personal data 45

DLA Piper Privacy Matters

JANUARY 28, 2022

Looking back on 2021, the privacy and data protection landscape continues to evolve at pace. In Europe we saw the UK finally conclude Brexit and establishment of a separate data protection regime in the UK which will be governed by the UK GDPR. Data transfers to other countries remain a challenge.

GDPR 98

GDPR Privacy Data breaches Personal data 98

IT Governance

JUNE 11, 2019

Upon discovery of the breach, the security of our retail platform was immediately restored and appropriate measures were taken to ensure the security of all other online assets,” the statement read. The GDPR states that organisations must take “appropriate technical and organisational measures” to secure EU residents’ personal data.

GDPR 66

GDPR Personal data Data breaches Retail 66

Thales Cloud Protection & Licensing

NOVEMBER 30, 2021

Data aggregation verification is gaining traction, while biometrics are intuitively replacing passwords. Registration and medical data access in healthcare. Enrolment and remote access to government services such as social security, tax, etc. Secure online services for retailers. Premium automotive apps.

Authentication 71

Authentication Privacy Compliance Retail 71

Data Protection Report

JANUARY 10, 2023

While there is no specific obligation to demonstrate or record a reason for not complying with a “ should ” obligation, it would be prudent for businesses to satisfy themselves as to what this reason is and record it as part of their internal governance practices. Use of Special Category Data for direct marketing.

Marketing 103

Marketing B2B Personal data Retail 103

IT Governance

JULY 5, 2022

Welcome to our July 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. The next most frequent targets were software-as-a-service and webmail providers (20.5%) and e-commerce sites and retail stores (14.6%).

Phishing 116

Phishing e-Delivery Retail Insurance 116