Expert insights. Personalized for you.
Information Stolen From European Medicines Agency Documents on COVID-19 vaccines and medications - including some containing personal information - that were stolen in a cyberattack last month on the European Medicines Agency have been leaked on the internet MORE
165 The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E. MORE
Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. What constitutes a personal data breach. How to avoid data breaches. MORE
Letter to Twitter, Google, Others Asks About Selling Information to Foreign Governments A bipartisan group of senators has sent a letter to Google, Twitter, Verizon, AT&T and online advertising firms and networks raising national security concerns about the selling of citizens' personal data, which could end up in the hands of foreign governments. MORE
But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area. What are the legal mechanisms to sell or utilise personal data in an insolvency situation? MORE
An SQL database containing the personal data of 1.3 Researchers from Cyber News have discovered that the personal data of 1.3 million Clubhouse users was leaked online days after LinkedIn and Facebook also suffered data leaks. The post Personal data of 1.3 MORE
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. computersecurity dataloss dataprotection MORE
On 29 January 2021, the Personal Data Protection Commission ( PDPC ) announced that certain sections of the Personal Data Protection (Amendment) Act 2020 (the PDPA Amendments ) will take effect from 1 February 2021 – please see PDPC’s announcement here ; the gazetted Commencement Notification here. MORE
The Personal Data Protection Act B.E. The PDPA is under the supervision of the Ministry of Digital Economy and Society and the main supervising authority of the PDPA is the Office of Data Protection Committee ( Office ). Definition of Personal Data. Background. MORE
On August 2, 2021, the Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) announced that it had levied a €2,500,000 fine on Deliveroo Italy s.r.l. MORE
The Austrian Data Protection Authority ( “DPA” ) has recently published its decision concerning the use of Google Analytics. The data subject who submitted the complaint ( “User” ) visited the website while being logged in to his Google account. MORE
T-Mobile has said that it has been hit by a “highly sophisticated cyberattack” that compromised the personal data of more than 7.8 In a statement , it confirmed that the stolen data included US customers’ full names, dates of birth, Social Security numbers and ID information. MORE
The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information. Surveillance Privacy Data protection Police Big data European Union Europe Technology MORE
As data breaches become more common, increased public attention on privacy has led to a flurry of state-level activity on the issue. 1] It focuses on data processing that can be connected to persons, whether direct or pseudonymized. Prohibited data practices are impermissible. MORE
Chancellor Angela Merkel Among the Victims of Massive Hack Attack and Data Leak Hundreds of members of the German parliament, Chancellor Angela Merkel as well as numerous local celebrities have had their personal details and communications stolen and leaked online as part of what authorities are calling an attack on the country's democracy and institutions MORE
Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further MORE
Europe’s General Data Protection Regulations (GDPR) changed the game. Legacy filing systems were not built to keep track of the personal data of specific individuals primarily to be in compliance with the many data protection regulations popping up around the world. This is an important capability for organizations who need to satisfy this new type data handling regulations. This is because the newer data protection regulations do not apply to old data. MORE
In an excellent blog post , Brian Krebs makes clear something I have been saying for a while: Likewise for individuals, it pays to accept two unfortunate and harsh realities: Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes even your credit file. MORE
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices. IoT Privacy Vulnerabilities amazon Amazon Alexa Data Privacy flaw personal data vulnerability MORE
Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. MORE
The Draft Guidance also applies to all organizations that process children’s data, not just providers of Information Society Services (“ISS”), and has a broader scope than the ICO Age Appropriate Code, covering issues such as how to address security standards, handle data breaches and use biometrics. MORE
IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter. MORE
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom. MORE
Jared Walker of Zasio writes a great blog post on Pandemics and Personal Data. The post Pandemics and Personal Data appeared first on IG GURU. Business Education GDPR IG News Information Governance information privacy Privacy Risk News Sponsored COVID-19 Europe Health Information HIPAA Italy Jared Walker Medical Information Pandemic Singapore Zasio MORE
In the CNIL’s view, a data processor’s re-use of personal data for its own purposes results in its re-qualification into a data controller and may be subject to sanctions ( i.e. , for failure to act on the instructions of the controller). MORE
On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. What constitutes personal data? MORE
Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200 inhabitants were stolen by threat actors. MORE
As businesses subject to the California Consumer Privacy Act (CCPA) develop and implement policies and procedures to comply with the law, they may want to revisit, or develop an employee personal data protection policy. Why Address an Employee Personal Data Protection Policy Now? MORE
On December 16, 2020, the Committee of Experts within India’s Ministry of Electronics and Information Technology (MeitY) (the “Committee”) issued a revised report on the Non-Personal Data Governance Framework (the “NPDF”) for India (the “Revised Committee Report”). MORE
Working with personal data in today’s cyber threat landscape is inherently risky. It’s possible to de-risk work scenarios involving personal data by carrying out a classic risk assessment of an organization’s internal and external infrastructure. Setting up security contours for certain types of personal data can be useful for: •Nullifying threats and risks applicable to general infrastructural components and their environment. Randomizing data. MORE
Pakistan’s Ministry of Information Technology and Telecommunication recently introduced a new draft of Pakistan’s Personal Data Protection Bill, 2020 (the “Bill”) and launched a public consultation regarding the same. The controller also must maintain a record of personal data breaches. MORE
Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Compliance and risk management data protection MORE
TikTok is again being accused of illegally processing children’s personal data. She alleges that TikTok is violating the GDPR (General Data Protection Regulation) by collecting excessive data and failing to explain what it’s used for. MORE
The General Data Protection Regulation (GDPR), in force since May 25, 2018, requires businesses to protect the personal data and privacy of European Union (EU) citizens, for transactions that occur within EU Member States. What is personal data under GDPR? MORE
HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February MORE
teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so Privacy Watchdog Orders Businesses to Prepare as UK Teeters on Edge of 'No Deal' As the U.K. MORE
The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” The CNIL’s inspection included the insurer’s compliance with Section 5-1(e) of GDPR , which reads: Personal data shall be. (e) MORE
The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual. MORE
Company Says Employees' Personal Data Compromised The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter MORE
Personal data Related Topics Data Breach Today
AUGUST 16, 2021
Company Says Employees' Personal Data Compromised The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter
The Last Watchdog
JANUARY 10, 2022
Working with personal data in today’s cyber threat landscape is inherently risky. It’s possible to de-risk work scenarios involving personal data by carrying out a classic risk assessment of an organization’s internal and external infrastructure. Setting up security contours for certain types of personal data can be useful for: •Nullifying threats and risks applicable to general infrastructural components and their environment. Randomizing data.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JANUARY 13, 2021
Information Stolen From European Medicines Agency Documents on COVID-19 vaccines and medications - including some containing personal information - that were stolen in a cyberattack last month on the European Medicines Agency have been leaked on the internet
Data Breach Today
APRIL 6, 2021
Letter to Twitter, Google, Others Asks About Selling Information to Foreign Governments A bipartisan group of senators has sent a letter to Google, Twitter, Verizon, AT&T and online advertising firms and networks raising national security concerns about the selling of citizens' personal data, which could end up in the hands of foreign governments.
Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.
Hunton Privacy
JANUARY 20, 2022
In the CNIL’s view, a data processor’s re-use of personal data for its own purposes results in its re-qualification into a data controller and may be subject to sanctions ( i.e. , for failure to act on the instructions of the controller).
The Last Watchdog
NOVEMBER 4, 2021
Europe’s General Data Protection Regulations (GDPR) changed the game. Legacy filing systems were not built to keep track of the personal data of specific individuals primarily to be in compliance with the many data protection regulations popping up around the world. This is an important capability for organizations who need to satisfy this new type data handling regulations. This is because the newer data protection regulations do not apply to old data.
Threatpost
AUGUST 13, 2020
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices. IoT Privacy Vulnerabilities amazon Amazon Alexa Data Privacy flaw personal data vulnerability
Data Breach Today
MAY 21, 2019
Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.
Security Affairs
APRIL 11, 2021
An SQL database containing the personal data of 1.3 Researchers from Cyber News have discovered that the personal data of 1.3 million Clubhouse users was leaked online days after LinkedIn and Facebook also suffered data leaks. The post Personal data of 1.3
Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies
If your organization stores data and is connected to the Internet, it is not a matter of “if” a cyber-security incident will happen; but rather, “when” this will occur. Organizations protecting their data is no longer “recommended;” it’s necessary.
|
Data Breach Today
JULY 29, 2019
Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further
Data Breach Today
JUNE 12, 2018
HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February
Threatpost
SEPTEMBER 29, 2020
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
IT Governance
AUGUST 19, 2021
T-Mobile has said that it has been hit by a “highly sophisticated cyberattack” that compromised the personal data of more than 7.8 In a statement , it confirmed that the stolen data included US customers’ full names, dates of birth, Social Security numbers and ID information.
DLA Piper Privacy Matters
JANUARY 20, 2022
The Austrian Data Protection Authority ( “DPA” ) has recently published its decision concerning the use of Google Analytics. The data subject who submitted the complaint ( “User” ) visited the website while being logged in to his Google account.
Data Breach Today
FEBRUARY 1, 2019
teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so Privacy Watchdog Orders Businesses to Prepare as UK Teeters on Edge of 'No Deal' As the U.K.
Data Breach Today
JANUARY 4, 2019
Chancellor Angela Merkel Among the Victims of Massive Hack Attack and Data Leak Hundreds of members of the German parliament, Chancellor Angela Merkel as well as numerous local celebrities have had their personal details and communications stolen and leaked online as part of what authorities are calling an attack on the country's democracy and institutions
Collibra
NOVEMBER 13, 2020
The General Data Protection Regulation (GDPR), in force since May 25, 2018, requires businesses to protect the personal data and privacy of European Union (EU) citizens, for transactions that occur within EU Member States. What is personal data under GDPR?
The Guardian Data Protection
JANUARY 10, 2022
The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information. Surveillance Privacy Data protection Police Big data European Union Europe Technology
IT Governance
APRIL 22, 2021
TikTok is again being accused of illegally processing children’s personal data. She alleges that TikTok is violating the GDPR (General Data Protection Regulation) by collecting excessive data and failing to explain what it’s used for.
Data Protection Report
FEBRUARY 28, 2020
The Personal Data Protection Act B.E. The PDPA is under the supervision of the Ministry of Digital Economy and Society and the main supervising authority of the PDPA is the Office of Data Protection Committee ( Office ). Definition of Personal Data. Background.
IG Guru
MARCH 25, 2020
Jared Walker of Zasio writes a great blog post on Pandemics and Personal Data. The post Pandemics and Personal Data appeared first on IG GURU. Business Education GDPR IG News Information Governance information privacy Privacy Risk News Sponsored COVID-19 Europe Health Information HIPAA Italy Jared Walker Medical Information Pandemic Singapore Zasio
Security Affairs
AUGUST 26, 2021
Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200 inhabitants were stolen by threat actors.
Hunton Privacy
AUGUST 5, 2021
On August 2, 2021, the Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) announced that it had levied a €2,500,000 fine on Deliveroo Italy s.r.l.
InfoGoTo
FEBRUARY 27, 2020
As businesses subject to the California Consumer Privacy Act (CCPA) develop and implement policies and procedures to comply with the law, they may want to revisit, or develop an employee personal data protection policy. Why Address an Employee Personal Data Protection Policy Now?
Hunton Privacy
JANUARY 15, 2021
On December 16, 2020, the Committee of Experts within India’s Ministry of Electronics and Information Technology (MeitY) (the “Committee”) issued a revised report on the Non-Personal Data Governance Framework (the “NPDF”) for India (the “Revised Committee Report”).
Data Matters
JANUARY 24, 2022
As data breaches become more common, increased public attention on privacy has led to a flurry of state-level activity on the issue. 1] It focuses on data processing that can be connected to persons, whether direct or pseudonymized. Prohibited data practices are impermissible.
IT Governance
NOVEMBER 17, 2020
Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. What constitutes a personal data breach. How to avoid data breaches.
Data Protection Report
JUNE 1, 2020
But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area. What are the legal mechanisms to sell or utilise personal data in an insolvency situation?
Schneier on Security
DECEMBER 6, 2018
In an excellent blog post , Brian Krebs makes clear something I have been saying for a while: Likewise for individuals, it pays to accept two unfortunate and harsh realities: Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes even your credit file.
Schneier on Security
MARCH 26, 2019
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. computersecurity dataloss dataprotection
Hunton Privacy
MARCH 30, 2021
The Draft Guidance also applies to all organizations that process children’s data, not just providers of Information Society Services (“ISS”), and has a broader scope than the ICO Age Appropriate Code, covering issues such as how to address security standards, handle data breaches and use biometrics.
Hunton Privacy
MAY 14, 2020
Pakistan’s Ministry of Information Technology and Telecommunication recently introduced a new draft of Pakistan’s Personal Data Protection Bill, 2020 (the “Bill”) and launched a public consultation regarding the same. The controller also must maintain a record of personal data breaches.
IT Governance
APRIL 10, 2019
On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. What constitutes personal data?
DLA Piper Privacy Matters
JULY 21, 2020
The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual.
Data Protection Report
FEBRUARY 1, 2021
On 29 January 2021, the Personal Data Protection Commission ( PDPC ) announced that certain sections of the Personal Data Protection (Amendment) Act 2020 (the PDPA Amendments ) will take effect from 1 February 2021 – please see PDPC’s announcement here ; the gazetted Commencement Notification here.
Threatpost
NOVEMBER 19, 2018
IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter.
Data Protection Report
FEBRUARY 25, 2020
Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Compliance and risk management data protection
Hunton Privacy
MAY 29, 2020
The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E.
Let's personalize your content