dcsimg

Microsoft suffers data breach affecting webmail accounts

Microsoft has confirmed that a number of its email services have been breached, with users’ email content potentially exposed.  The tech giant noted in its incident statement on 12 April that the criminal hackers could have viewed email addresses, folder names and email subject lines, but … [Read more...]

What is personal information? In legal terms, it depends

In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA Conference 2019, and Malwarebytes showed up to attend and present. Our Wednesday afternoon session—“One … [Read more...]

Potential data breach under investigation at University Hospital Galway

Saolta University Health Care Group is investigating a potential data breach at UHG (University Hospital Galway) after scam letters were sent to patients’ home addresses.   The letters, from an organisation calling itself The Anglo America Lottery, informed recipients that they had won a significant prize in the ‘Hospital Sick Patient Lottery … [Read more...]

The most common causes of data breaches and how you can spot them

The longer a breach goes undetected, the more embarrassing it is for the organisation in question. But what’s a good target for identifying an incident?  According to Ponemon Institute’s 2018 Cost of a Data Breach Study, it’s 100 days. The average cost of an incident discovered within this timeframe was $5.99 million (about €5.3 million), but if it takes longer, the average rises to … [Read more...]

Norsk Hydro hit by “severe” cyber attack

Aluminium manufacturing giant Norsk Hydro was forced to switch to manual operations following a “severe” ransomware attack on Monday, 18 March.  The Norway-based company, which employs more than 35,000 people in 40 countries, was reportedly hit with ransomware known as LockerGoga.  Several of its plants around the world … [Read more...]

A 5-step guide to reporting data breaches under the GDPR

In case you didn’t already know, the GDPR (General Data Protection Regulation) requires Irish organisations to report data breaches to the DPC (Data Protection Commission) within 72 hours of becoming aware of them.  This doesn’t only refer to cyber criminals breaking into your system. It applies to any kind of data breach – i.e. any time the confidentiality, integrity or … [Read more...]

The not-so-definitive guide to cybersecurity and data privacy laws

US cybersecurity and data privacy laws are, to put it lightly, a mess. Years of piecemeal legislation, Supreme Court decisions, and government surveillance crises, along with repeated corporate failures to protect user data, have created a legal landscape that is, for the American public and American businesses, confusing, complicated, and downright annoying. Businesses are expected to comply with … [Read more...]

Highlights from the Data Protection Commission’s first annual GDPR report

This week, the DPC (Data Protection Commission) published its first annual report under the GDPR covering the period 25 May to 31 December 2018. The report highlights a number of interesting statistics and year-on-year comparisons, most notably:   2,864 complaints received, bringing the total for 2018 to 4,113 complaints – a 56% increase on … [Read more...]

3 cyber security threats you need to prepare for

The key to reducing the damage that data breaches can cause is to spot them quickly. Ponemon Institute’s 2018 Cost of a Data Breach Study found that, on average, organisations that identified a breach within 100 days saved more than $1 million (€880,000) per incident. But to be able to spot a data breach you need to know what to look for. In this blog, we break down five common causes of data … [Read more...]

6 ways your organisation can suffer a data breach

Data breaches aren’t only the result of crooks breaking into organisations’ systems and stealing files. They occur whenever sensitive information is accidentally or unlawfully destroyed, lost, altered, disclosed or accessed. This blog explains how each of the scenarios might take place and provides advice for staying secure. Cyber attack Let’s get the obvious one out of the way. Crooks can … [Read more...]