dcsimg

Cyber attacks and data breaches in review: August 2019

A glance at the numbers this month suggests that cyber criminals, like the rest of us, enjoy their summer holidays. The 114,686,290 breached records is infinitesimal compared to last month’s total and about 10% of the monthly average. However, the figure comes from 95 incidents, which is the biggest total we’ve tracked this year. Plenty of those breaches occurred in Europe, so let’s delve into a … [Read more...]

How to write a GDPR data breach notification procedure

Documenting your GDPR compliance can be tough, but a little guidance and access to documentation templates can make things much easier.  The documentation process is one of the most important parts of GDPR (General Data Protection Regulation) compliance. What you write dictates the way you approach security and privacy, and any mistakes will set you up for failure when those documents are called … [Read more...]

DPC concludes Public Services Card investigation

This week, Ireland’s DPC (Data Protection Commission) released the findings of its investigation into the controversial PSC (Public Services Card).  What is the PSC? The PSC was introduced as part of a social welfare pilot scheme in 2011. It displays the holder’s full name, PPS (Personal Public Service) number, signature and photograph.   The card was initially required for social welfare … [Read more...]

GDPR – maintaining compliance and Brexit

In our final blog, GDPR – One Year On, Alice Turley examines the impact of the GDPR maintaining compliance with the Regulation, and the effect of Brexit on the Regulation.     Key messages from the DPC The Association of Compliance Officers in Ireland held a conference on 31 March 2019 focusing on data breach notifications and risk assessments. Among those speaking was Niall Cavanagh, … [Read more...]

Cyber attacks and data breaches in review: July 2019

July 2019 was one of the worst months ever from a cyber security perspective. With incidents like the massive breach at the Chinese tech supplier Orvibo and another leaked database filled with Evite customers’ personal details, the second half of the year began with a mammoth 2,226,042,039 breached records.  You can see a full breakdown of those breaches on our sister site, IT Governance UK. In … [Read more...]

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]

British Airways fine could be the start of GDPR tidal wave

Earlier this week, the ICO (Information Commissioner’s Office), the UK’s data protection authority, announced that it would be fining British Airways £183.4 million (about €204 million) for a data breach that occurred last year.  The incident, which affected 500,000 customers, involved a sophisticated attack in which criminals diverted traffic from British Airways’ website to a bogus replica, … [Read more...]

From pandemonium to fines – a review of GDPR enforcement in Europe

Do you remember the Y2K bug in the run-up to the new millennium? Warnings that computer systems and networks would stop functioning on 1 January 2000 led to panic and pandemonium as people prepared for its impact.   In some ways, the introduction of the GDPR (General Data Protection Regulation) was reminiscent of the Y2K scare.  Despite the two-year transition period, a lot of organisations left … [Read more...]

List of data breaches and cyber attacks by region: May 2019

You might have noted that data breaches happen a lot. We post about incidents as often as we can, but it’s practically impossible to keep up.  That’s why we’ve decided to start compiling a monthly list of incidents from stories reported around the globe.  In our inaugural list, we look back at May 2019, in which there were at least 79 reported data breaches.  If we’ve missed anything, let us know … [Read more...]

Helen Dixon reappointed as Ireland’s Data Protection Commissioner for a second term

Helen Dixon has been reappointed as DPC (Data Protection Commissioner) until 2024 following government approval.   Announcing the decision, Charlie Flanagan, Minister for Justice and Equality, said: “Helen is internationally well regarded for her expertise in this area. This is a very important role as Ireland’s Data Protection Commission is the EU’s lead regulator for the many multinational … [Read more...]