Cyber attacks and data breaches in review: March 2020

With COVID-19 spreading across the globe last month – bringing with it a host of cyber security risks – it would have been easy to fear for the worst in terms of cyber attacks and data breaches. But surprisingly, we only found 67 incidents this month, with a total of 832,486,418 affected records – which is only slightly higher than last month’s figures. However, we’re still only in the early … [Read more...]

Polish school fined for processing children’s biometric data

A primary school in Gdańsk, Poland, has been fined PLN 20,000 (about €4,600) for collecting biometric data from its students without a legal basis. The GDPR (General Data Protection Regulation) defines biometric data as “personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the … [Read more...]

Cyber attacks and data breaches in review: February 2020

This month has been a mixed bag in terms of cyber security incidents. On the one hand, the 630 million breached records represents a massive drop-off from last month and brings the monthly average back down to about the same level as 2019. However, that total comes from a whopping 106 incidents, which makes February the second leakiest month that we’ve ever recorded. As always, we use this blog to … [Read more...]

Hospital patients’ medical records found on roadside

Hospital notes of patients who attended Craigavon Area Hospital, Co. Armagh were discovered scattered on a local roadside on 7 February. The records contained the information of 18 patients who visited ward 2 South Medicine at the hospital, including their name, age, reason for admission, and medical and social history. A man and a six-year-old child, who wish to remain anonymous, discovered the … [Read more...]

Unlawful data processing practices cost Italian telecoms organisation more than €27 million

The Italian Data Protection Authority (Garante per la protezione dei dati personali) last month issued a €27,802,946 fine to telecoms company TIM S.p.A for several GDPR (General Data Protection Regulation) infringements and a lack of accountability. The unlawful practices, which occurred between 2017 and 2019, affected millions of individuals, some of whom were not even TIM S.p.A customers. They … [Read more...]

Ireland’s DPC begins investigation into Google and Tinder

Ireland’s DPC (Data Protection Commission) is investigating Internet giant Google and matchmaking app Tinder over the way they process and retain users’ data. Inquiry into Google The DPC has commenced an own-volition Statutory Inquiry into Google Ireland Limited following complaints from several EU consumer organisations about its processing of users’ location data and the transparency of the … [Read more...]

Criminal hackers exploit fear of coronavirus to spread malware

Cyber criminals are using the fear surrounding the coronavirus outbreak to infect the devices of unsuspecting victims with malware. The malware, delivered via an email attachment, was discovered by Kaspersky Lab and IBM X-Force. Kaspersky’s findings The emails flagged by Kaspersky contained malware hidden within PDF, docx and MP4 files, implying that they claimed to have information on coronavirus … [Read more...]

250 million Microsoft customer records exposed in latest breach

In its latest data breach, Microsoft has exposed nearly 14 years of customer service and support records, equating to the details of nearly 250 million records. The breach was discovered by Comparitech’s security research team, which is headed by Bob Diachenko, who immediately informed Microsoft. The corporation took swift action; in total, the data was exposed from 28–31 December 2019. Diachenko … [Read more...]

Cyber attacks and data breaches in review: January 2020

The new decade is off to a promising start, with only 61 disclosed data breaches or cyber attacks. It’s not all good news, though, as a handful of massive incidents – including the ongoing leaks of medical files in the US – has helped push the number of breached records to 1.5 billion. There were also several worrying incidents involving European organisations. Let’s take a look at some of them … [Read more...]

Frankfurt’s IT networks grinds to a halt amid Emotet attack

The week before Christmas, Frankfurt saw the unwelcome return of Emotet, a banking trojan that recently came out of hiding to terrorise organisations across the globe.  The malware spread through the city’s systems, forcing officials to shut down its IT network, causing huge delays to government services.  This is the fourth time in recent weeks that Emotet has struck in Germany, following attacks … [Read more...]