dcsimg

Cyber attacks and data breaches in review: July 2019

July 2019 was one of the worst months ever from a cyber security perspective. With incidents like the massive breach at the Chinese tech supplier Orvibo and another leaked database filled with Evite customers’ personal details, the second half of the year began with a mammoth 2,226,042,039 breached records.  You can see a full breakdown of those breaches on our sister site, IT Governance UK. In … [Read more...]

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]

Microsoft OneNote audio note phishing scam

Phishing is a constant threat for organisations and individuals alike. The scam, which involves sending emails that masquerade as legitimate organisations to fraudulently obtain sensitive information, targets hundreds of millions of organisations and people daily.   Microsoft OneNote users are the latest target of a phishing scam. An email entitled “New Audio Note Received” is purportedly sent … [Read more...]

Apple hit with third DPC enquiry

Ireland’s DPC (Data Protection Commissioner) has launched a third investigation into Apple’s GDPR (General Data Protection Regulation) compliance.  The investigation will examine the tech giant’s compliance with the relevant GDPR provisions in relation to a customer’s DSAR (data subject access request). It follows two investigations opened last year into Apple’s processing of personal data and … [Read more...]

FAI hit with data breach

The FAI (Football Association of Ireland) confirmed yesterday that servers in its Dublin headquarters were breached in an external hack over the weekend.  In a statement released on Wednesday, the FAI said that the breach affected its email services, but not customers’ payment details or ticket sales as this information is stored offsite.   The FAI has hired a forensic computer scientist … [Read more...]

List of data breaches and cyber attacks by region: May 2019

You might have noted that data breaches happen a lot. We post about incidents as often as we can, but it’s practically impossible to keep up.  That’s why we’ve decided to start compiling a monthly list of incidents from stories reported around the globe.  In our inaugural list, we look back at May 2019, in which there were at least 79 reported data breaches.  If we’ve missed anything, let us know … [Read more...]

DPC launches investigation into Google Ireland

Ireland’s DPC (Data Protection Commission) has launched a statutory enquiry into how Google Ireland processes data for the purpose of advertising.  The probe is the result of a number of submissions to the DPC, including those made by Dr Johnny Ryan, Chief Policy & Industry Relations Officer for Brave, a privacy-focused web browser.   Dr Ryan’s submissions reveal that Google’s … [Read more...]

‘ZombieLoad’ vulnerabilities expose computers using Intel chips

Cyber security researchers have discovered a class of vulnerabilities in Intel chips that could be exploited to steal sensitive information, unencrypt data and spy on tasks handled by the processor.  The bugs, dubbed ‘ZombieLoad’, affect almost every computer that uses an Intel chip released since 2011.  What does ZombieLoad do?  ZombieLoad is a side-channel attack that enables criminals to … [Read more...]

Burger King data breach potentially exposed the data of thousands of children

Kool King, an online shop owned by Burger King, had thousands of customer records exposed through an unsecured database, which was discovered last week.  The website allows customers who purchase from the children’s menu in Burger King, France to access content, including games, films and activities, after creating a profile on the platform.   The breached database, which potentially contained the … [Read more...]

WhatApp users urged to update app after serious security vulnerability discovered

WhatsApp, the messaging app owned by Facebook, confirmed a serious security vulnerability in its system on Monday, 13 May that left users open to spyware installations on their phone.   The breach, affecting both iOS and Android users, enabled the software to be installed through voice calls, even if the call wasn’t picked up. In some cases, the call was removed from the call log, so the missed … [Read more...]