INDUSTRY INSIGHTS YOUR PEERS ARE READING
Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database MORE
Evernote's web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users. Vulnerabilities Web Security chrome browser critical vulnerability cross site scripting attack evernote Evernote extension Proof of Concept MORE
A Walmart jewelry partners' misconfigured AWS S3 bucket left personal details and contact information of 1.3 Cloud Security Featured Privacy Web Security AWS AWS S3 Bucket data leak Leaky Bucket personal datamillion customers in plain sight. MORE
A vulnerability in British Airways' e-ticketing system could enable a bad actor to view passengers' personal data or change their booking information. Hacks Vulnerabilities British Airways British airways data breach Data Privacy Data security e-ticketing flaw Encryption MORE
A massive breach has impacted up to 21 million users' personal data and their social media "access tokens.". Cloud Security Hacks Mobile Security access tokens cloud computing breach data breach Facebook Facebook Privacy Multi Factor Authentication personal data social media Timehop MORE
Data-driven technologies are an inevitable feature of modern political campaigning. All the data-driven methods presented in this guide would not exist without the commercial digital marketing and advertising industry. Really interesting report from Tactical Tech. MORE
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. computersecurity dataloss dataprotection MORE
114 
This week, the ICO (Information Commissioner’s Office) prosecuted and fined a former deputy headteacher for unlawfully obtaining personal data from two schools he had previously worked at. He later told the ICO that the data had been taken for professional reasons. MORE
Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? What is personal data? Location data. MORE
An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. What is a personal data breach? Loss of availability of personal data. MORE
The personal email addresses - some indicating user names or government official status - of more than a million pornography website users were exposed. Privacy Web Security adult website security data leak database elasticsearch database exposed data luscious vulnerability MORE
New attack by Anonymous Italy: personal data from ministries and police have been released online. As announced, the three groups that coordinate the operation “Black Week” have released also today new data from their raids on online sites and databases. Sensitive data by members of the Lega Nord del Trentino, Fratelli d’Italia and the Democratic Party of the city of Siena were disseminated. MORE
Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. MORE
Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold usually through no fault of your own. MORE
Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. What is personal data? MORE
The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 MORE
An ICO (Information Commissioner’s Office) report has found that 45% of customers don’t trust organisations with their personal data. This is hardly surprising, given the constant news stories about cyber attacks and organisations mishandling personal data. MORE
Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. MORE
IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter. MORE
Breach Hacks 14 million api server breach data breach hashed password hostinger Password websiteHostinger said that unauthorized access to an internal API server exposed hashed passwords of 14 million customers. MORE
Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission MORE
114 On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. MORE
When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. Data breaches and GDPR impact trust. Data Privacy MORE
When organisations transfer data, they inevitably compromise its security to some degree. There’s not much organisations can do to eliminate data loss, so the problem becomes how to reduce the damage once the data is exposed? Data transfers. MORE
Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. The court found that Facebook collects and uses personal data without providing enough information to its members for them to render meaningful consent. MORE
Under the GDPR, all personal data breaches need to be recorded by the organisation and there should be a clear and defined process for doing so. Understanding what constitutes a personal data breach. The ICO defines a personal data breach as. “…a MORE
On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. The Regulation comprises a list of rules which seek to ensure the safety of children’s personal data and promote a healthy upbringing for children. MORE
Privacy Agora email blunder leaky data UNICEFThe organization accidentally sent the names, email addresses, gender and professional information of users of its portal Agora in an email sent in August. MORE
HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems. MORE
Breach Hacks data breach Data Privacy Data security doordash personal information Security third party providerAccessed information includes delivery addresses, license numbers, names, phone numbers and more. MORE
It's much harder than it should be to get your name off of data broker and people-search sites, but it's possible. . Security Security / Privacy MORE
The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3 MORE
As the saying goes, you’re only as strong as your weakest link, which is as true for data security as any other situation. Unfortunately, world-famous retailer Fortnum & Mason was recently let down by a weak link – survey company Typeform – that exposed the personal data of 23,000 of its customers. A breach of Typeform affected Fortnum & Mason customers who voted using the Typeform form in the “TV Personality of the Year” category. MORE
To be specific, this provision stipulates that personal data must be erased immediately when it’s no longer needed for the original processing purpose, or the data subject has withdrawn their consent, and there is no other legal ground for keeping it. MORE
teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so MORE
On May 27, 2019, Thailand’s Personal Data Protection Act B.E. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilities and penalties) will not come into force until one year after their publication in the Government Gazette ( i.e. , on May 28, 2020). MORE
Personal data Related Topics 
Data Breach Today
MAY 21, 2019
Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.
Data Breach Today
JULY 29, 2019
Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers.
Data Breach Today
JUNE 12, 2018
HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems.
Data Breach Today
FEBRUARY 1, 2019
teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so
|
IT Governance
APRIL 10, 2019
On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes.
Schneier on Security
APRIL 3, 2019
Data-driven technologies are an inevitable feature of modern political campaigning. All the data-driven methods presented in this guide would not exist without the commercial digital marketing and advertising industry. Really interesting report from Tactical Tech.
Schneier on Security
DECEMBER 6, 2018
Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold usually through no fault of your own.
Security Affairs
MAY 12, 2019
The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65
Threatpost
AUGUST 13, 2019
A vulnerability in British Airways' e-ticketing system could enable a bad actor to view passengers' personal data or change their booking information. Hacks Vulnerabilities British Airways British airways data breach Data Privacy Data security e-ticketing flaw Encryption
|
|
Hunton Privacy
MAY 30, 2019
On May 27, 2019, Thailand’s Personal Data Protection Act B.E. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilities and penalties) will not come into force until one year after their publication in the Government Gazette ( i.e. , on May 28, 2020).
Threatpost
SEPTEMBER 26, 2019
Breach Hacks data breach Data Privacy Data security doordash personal information Security third party providerAccessed information includes delivery addresses, license numbers, names, phone numbers and more.
Adam Levin
MARCH 27, 2019
The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3
Threatpost
SEPTEMBER 12, 2019
Privacy Agora email blunder leaky data UNICEFThe organization accidentally sent the names, email addresses, gender and professional information of users of its portal Agora in an email sent in August.
Threatpost
NOVEMBER 19, 2018
IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter.
IT Governance
JULY 29, 2019
Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? What is personal data? Location data.
Threatpost
AUGUST 26, 2019
Breach Hacks 14 million api server breach data breach hashed password hostinger Password websiteHostinger said that unauthorized access to an internal API server exposed hashed passwords of 14 million customers.
Threatpost
AUGUST 21, 2019
The personal email addresses - some indicating user names or government official status - of more than a million pornography website users were exposed. Privacy Web Security adult website security data leak database elasticsearch database exposed data luscious vulnerability
IT Governance
APRIL 18, 2018
An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. What is a personal data breach? Loss of availability of personal data.
Threatpost
JUNE 13, 2019
Evernote's web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users. Vulnerabilities Web Security chrome browser critical vulnerability cross site scripting attack evernote Evernote extension Proof of Concept
Dark Reading
JULY 8, 2019
Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission
Data Matters
OCTOBER 15, 2019
On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. The Regulation comprises a list of rules which seek to ensure the safety of children’s personal data and promote a healthy upbringing for children.
Threatpost
MARCH 15, 2018
A Walmart jewelry partners' misconfigured AWS S3 bucket left personal details and contact information of 1.3 Cloud Security Featured Privacy Web Security AWS AWS S3 Bucket data leak Leaky Bucket personal datamillion customers in plain sight.
IT Governance
JANUARY 3, 2018
When organisations transfer data, they inevitably compromise its security to some degree. There’s not much organisations can do to eliminate data loss, so the problem becomes how to reduce the damage once the data is exposed? Data transfers.
Dark Reading
AUGUST 21, 2019
Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database
Threatpost
JULY 9, 2018
A massive breach has impacted up to 21 million users' personal data and their social media "access tokens.". Cloud Security Hacks Mobile Security access tokens cloud computing breach data breach Facebook Facebook Privacy Multi Factor Authentication personal data social media Timehop
Collibra
MAY 1, 2019
When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. Data breaches and GDPR impact trust. Data Privacy
The Guardian Data Protection
FEBRUARY 12, 2018
Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. The court found that Facebook collects and uses personal data without providing enough information to its members for them to render meaningful consent.
IT Governance
JULY 18, 2018
Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. What is personal data?
InfoGoTo
AUGUST 26, 2019
To be specific, this provision stipulates that personal data must be erased immediately when it’s no longer needed for the original processing purpose, or the data subject has withdrawn their consent, and there is no other legal ground for keeping it.
WIRED Threat Level
NOVEMBER 7, 2019
It's much harder than it should be to get your name off of data broker and people-search sites, but it's possible. . Security Security / Privacy
IT Governance
DECEMBER 10, 2018
This week, the ICO (Information Commissioner’s Office) prosecuted and fined a former deputy headteacher for unlawfully obtaining personal data from two schools he had previously worked at. He later told the ICO that the data had been taken for professional reasons.
IT Governance
OCTOBER 15, 2018
Under the GDPR, all personal data breaches need to be recorded by the organisation and there should be a clear and defined process for doing so. Understanding what constitutes a personal data breach. The ICO defines a personal data breach as. “…a
Security Affairs
NOVEMBER 5, 2018
New attack by Anonymous Italy: personal data from ministries and police have been released online. As announced, the three groups that coordinate the operation “Black Week” have released also today new data from their raids on online sites and databases. Sensitive data by members of the Lega Nord del Trentino, Fratelli d’Italia and the Democratic Party of the city of Siena were disseminated.
IT Governance
OCTOBER 10, 2018
An ICO (Information Commissioner’s Office) report has found that 45% of customers don’t trust organisations with their personal data. This is hardly surprising, given the constant news stories about cyber attacks and organisations mishandling personal data.
IT Governance
JULY 20, 2018
As the saying goes, you’re only as strong as your weakest link, which is as true for data security as any other situation. Unfortunately, world-famous retailer Fortnum & Mason was recently let down by a weak link – survey company Typeform – that exposed the personal data of 23,000 of its customers. A breach of Typeform affected Fortnum & Mason customers who voted using the Typeform form in the “TV Personality of the Year” category.
Let's personalize your content