dcsimg

Microsoft suffers data breach affecting webmail accounts

Microsoft has confirmed that a number of its email services have been breached, with users’ email content potentially exposed.  The tech giant noted in its incident statement on 12 April that the criminal hackers could have viewed email addresses, folder names and email subject lines, but … [Read more...]

Potential data breach under investigation at University Hospital Galway

Saolta University Health Care Group is investigating a potential data breach at UHG (University Hospital Galway) after scam letters were sent to patients’ home addresses.   The letters, from an organisation calling itself The Anglo America Lottery, informed recipients that they had won a significant prize in the ‘Hospital Sick Patient Lottery … [Read more...]

The most common causes of data breaches and how you can spot them

The longer a breach goes undetected, the more embarrassing it is for the organisation in question. But what’s a good target for identifying an incident?  According to Ponemon Institute’s 2018 Cost of a Data Breach Study, it’s 100 days. The average cost of an incident discovered within this timeframe was $5.99 million (about €5.3 million), but if it takes longer, the average rises to … [Read more...]

GDPR non-compliance costs data analytics company €220,000

Bisnode, a Swedish data analytics company with a base in Poland, has been hit with a €220,000 (PLN 944,470) fine from Poland’s data protection authority, UODO. The fine was issued after Bisnode failed to inform millions of people that it was processing their data, denying them the opportunity to object to the processing, and the right to rectification or erasure of their details, as noted in … [Read more...]

Norsk Hydro hit by “severe” cyber attack

Aluminium manufacturing giant Norsk Hydro was forced to switch to manual operations following a “severe” ransomware attack on Monday, 18 March.  The Norway-based company, which employs more than 35,000 people in 40 countries, was reportedly hit with ransomware known as LockerGoga.  Several of its plants around the world … [Read more...]

A 5-step guide to reporting data breaches under the GDPR

In case you didn’t already know, the GDPR (General Data Protection Regulation) requires Irish organisations to report data breaches to the DPC (Data Protection Commission) within 72 hours of becoming aware of them.  This doesn’t only refer to cyber criminals breaking into your system. It applies to any kind of data breach – i.e. any time the confidentiality, integrity or … [Read more...]

Facebook’s history betrays its privacy pivot

Facebook CEO Mark Zuckerberg proposed a radical pivot for his company this month: it would start caring—really—about privacy, building out a new version of the platform that turns Facebook less into a public, open “town square” and more into a private, intimate “living room.” Zuckerberg promised end-to-end encryption across the company’s messaging platforms, interoperability, disappearing … [Read more...]

List of Data Breaches in 2018 – Infographic

It’s hard to forget the hype associated with the GDPR (General Data Protection Regulation) taking effect on 25 May 2018.   The Regulation expands individuals’ control over how their personal data is collected and processed, and places a range of new obligations on organisations to be more … [Read more...]

The 6 most common ways data breaches occur

The first step towards cyber security is identifying how data breaches occur and the level of risk each one poses.  To help organisations do this, Verizon conducted a year-long investigation into the leading causes of data breaches, publishing its findings in its 2018 Data Breach Investigations Report.  In this blog, we break down … [Read more...]

The not-so-definitive guide to cybersecurity and data privacy laws

US cybersecurity and data privacy laws are, to put it lightly, a mess. Years of piecemeal legislation, Supreme Court decisions, and government surveillance crises, along with repeated corporate failures to protect user data, have created a legal landscape that is, for the American public and American businesses, confusing, complicated, and downright annoying. Businesses are expected to comply with … [Read more...]