dcsimg

GDPR – maintaining compliance and Brexit

In our final blog, GDPR – One Year On, Alice Turley examines the impact of the GDPR maintaining compliance with the Regulation, and the effect of Brexit on the Regulation.     Key messages from the DPC The Association of Compliance Officers in Ireland held a conference on 31 March 2019 focusing on data breach notifications and risk assessments. Among those speaking was Niall Cavanagh, … [Read more...]

Cyber attacks and data breaches in review: July 2019

July 2019 was one of the worst months ever from a cyber security perspective. With incidents like the massive breach at the Chinese tech supplier Orvibo and another leaked database filled with Evite customers’ personal details, the second half of the year began with a mammoth 2,226,042,039 breached records.  You can see a full breakdown of those breaches on our sister site, IT Governance UK. In … [Read more...]

In Japan, Seven-Eleven’s 7pay Payment System is Hit by Fraud

According to Seven-Eleven, some 900 customers using its mobile payment service called 7pay have lost a total of 55 million yen ($510,000) due to unauthorized access to their accounts. … [Read more...]

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]

Microsoft OneNote audio note phishing scam

Phishing is a constant threat for organisations and individuals alike. The scam, which involves sending emails that masquerade as legitimate organisations to fraudulently obtain sensitive information, targets hundreds of millions of organisations and people daily.   Microsoft OneNote users are the latest target of a phishing scam. An email entitled “New Audio Note Received” is purportedly sent … [Read more...]

Apple hit with third DPC enquiry

Ireland’s DPC (Data Protection Commissioner) has launched a third investigation into Apple’s GDPR (General Data Protection Regulation) compliance.  The investigation will examine the tech giant’s compliance with the relevant GDPR provisions in relation to a customer’s DSAR (data subject access request). It follows two investigations opened last year into Apple’s processing of personal data and … [Read more...]

British Airways fine could be the start of GDPR tidal wave

Earlier this week, the ICO (Information Commissioner’s Office), the UK’s data protection authority, announced that it would be fining British Airways £183.4 million (about €204 million) for a data breach that occurred last year.  The incident, which affected 500,000 customers, involved a sophisticated attack in which criminals diverted traffic from British Airways’ website to a bogus replica, … [Read more...]

List of data breaches and cyber attacks by region: June 2019

It’s been a bad month for Australia and Canada: dumped out of the Women’s World Cup and responsible for 13 data breaches. Meanwhile, another Irish hospital has left medical records on a city street for the public to find and local US governments continue to be plagued by ransomware. In total, there were at least 62 data breaches and cyber attacks in June 2019. You can read the full list below, and … [Read more...]

Social engineering is becoming cyber criminals’ weapon of choice

The cyber security industry has traditionally focused on technological weaknesses, but according to the 2019 Trustwave Global Security Report, the majority of breaches begin with social engineering.    What is social engineering?  Social engineering is a method of psychological manipulation in which a trickster persuades someone to perform certain actions or divulge sensitive … [Read more...]

The Real Cost of a Data Breach: Compliance Penalties are Just the Tip of the Iceberg

I’ve said it before and I’ll say it again: We are living in the age of the data breach. Now more than ever, our lives are defined by the massive data sets built from our online presence, and now more than ever, they are routinely disrupted when those data sets fall into the wrong hands. … [Read more...]