dcsimg

Cork City Council, Park by Phone service breached

More than 5,000 people have been affected by a data breach of Cork City Council’s Park by Phone service. Although the reported breach occurred last Thursday and the relevant authorities were notified on Friday, it has come to light that the breach first occurred in May. Personal details such as car registration numbers, email addresses and mobile phone numbers have been compromised, but no … [Read more...]

37,000 Eir customers affected by data breach

Eir, one of Ireland’s leading telecoms companies, announced last week that personal details of up to 37,000 customers were affected by a data breach. The company said that an unencrypted laptop was stolen on 12 August, containing customer and employee personal details, including names, email addresses and customer numbers. No financial details had been breached. According to Eir, the theft … [Read more...]

Are you #BreachReady?

It seems like we hear about yet another data breach on a daily basis, with recognised companies such as Ticketmaster and Dixons Carphone – to name but a few – suffering at the hands of criminal hackers. If you think it only happens to large organisations, think again Since the EU’s GDPR (General Data Protection Regulation) came into effect in May, the DPC (Data Protection Commissioner) has dealt … [Read more...]

Who requires a DPO?

As of 25 May 2018, the EU GDPR (General Data Protection Regulation) is the primary piece of legislation governing data protection. The requirement for Irish organisations to register their data processing activities with the DPC (Data Protection Commission), which existed under the previous regime, no longer applies. However, under the GDPR, certain organisations are required to appoint a DPO … [Read more...]

Could your supply chain derail your GDPR compliance efforts?

Last week we reported on the Ticketmaster breach, which might have affected Irish customers. This breach was caused by malicious software located on a customer support product hosted by an external third-party supplier, Inbenta Technologies. Since the breach was announced by Ticketmaster on 23 June, it has emerged that the company may have been warned about the breach as far back as April, … [Read more...]

Software to support your GDPR compliance project

General Data Protection Regulation (GDPR) compliance should be a priority and high on every organisation’s agenda with less than two months until the regulation comes into effect on 25 May 2018. Organisations need to be aware of what data they process and ensure it is processed in accordance with the law. As part of a GDPR compliance project, organisations must document their data processes, which … [Read more...]

Ticketmaster Ireland informs customers of a possible data breach

Ticketmaster Ireland has informed customers about a potential data breach that may have compromised their personal and payment details. Users who purchased tickets from the site between February and June of this year may be affected. “On Saturday, June 23, 2018, Ticketmaster UK identified malicious software on a customer support product hosted by Inbenta Technologies, an external third-party … [Read more...]

How to register a DPO in Ireland

Under the EU General Data Protection Regulation (GDPR), which came into force on 25 May 2018, certain organisations are required to appoint a data protection officer (DPO). These organisations must register the details of their DPO with their relevant supervisory authority. Registering a DPO in Ireland In Ireland, the Office of the Data Protection Commissioner (DPC) has released an online … [Read more...]

How to deal with subject access requests

Among the many rights the GDPR (General Data Protection Regulation) gives data subjects is the right to access their personal data, along with certain information relating to how it is processed. If your organisation processes personal data, do you understand when the right of access applies? Do you have processes in place to ensure you can facilitate this right? And do you know exactly what … [Read more...]

Non-EU organisations block European traffic to avoid GDPR obligations

As well as applying to all organisations in the EU that process personal data, the GDPR (General Data Protection Regulation) applies to non-EU organisations that offer goods and services to, or monitor the behaviour of, EU residents. However, numerous organisations outside the EU have simply opted to block EU traffic to their websites rather than comply with the new law. TechCrunch reported on 25 … [Read more...]