dcsimg

Burger King data breach potentially exposed the data of thousands of children

Kool King, an online shop owned by Burger King, had thousands of customer records exposed through an unsecured database, which was discovered last week.  The website allows customers who purchase from the children’s menu in Burger King, France to access content, including games, films and activities, after creating a profile on the platform.   The breached database, which potentially contained the … [Read more...]

WhatApp users urged to update app after serious security vulnerability discovered

WhatsApp, the messaging app owned by Facebook, confirmed a serious security vulnerability in its system on Monday, 13 May that left users open to spyware installations on their phone.   The breach, affecting both iOS and Android users, enabled the software to be installed through voice calls, even if the call wasn’t picked up. In some cases, the call was removed from the call log, so the missed … [Read more...]

IT Governance Europe announces new PCI DSS training courses

The PCI DSS (Payment Card Industry Data Security Standard) is administered by the PCI SSC (Security Standards Council) to help prevent payment card fraud and strengthen payment card data security. All organisations that accept, store, transmit or process cardholder data must comply.   When implemented correctly, the PCI DSS helps organisations secure … [Read more...]

Understanding Brazil’s General Data Protection Law

In this post, we’ll break down Brazil’s General Data Protection Law—who needs to comply, what is protected, and how to meet its requirements. … [Read more...]

IT Governance Europe to speak about the GDPR, and transfers post-Brexit at Refresh Boyne event

Alice Turley, a GDPR consultant at IT Governance Europe, will take to the stage at the next Refresh Boyne event in Drogheda to talk about the impact of the GDPR one year on and how organisations can adequately protect their data transfers post-Brexit.   Alice, who is a qualified data protection, compliance and … [Read more...]

The top six takeaways for corporate data privacy compliance

For nearly two months, Malwarebytes Labs has led readers on a journey through data privacy laws around the world, exploring the nuances between “personal information” and “personal data,” as well as between data breach notification laws in Florida, Utah, California, and Iowa. We explored the risks of jumping into the global data privacy game, comparing the European Union’s laws with the laws … [Read more...]

Ireland’s DPC investigates Facebook over password breach

Ireland’s DPC (Data Protection Commission) has launched a statutory inquiry into Facebook following the disclosure of a data breach affecting millions of users.  The social media giant announced in March that a routine security review at the beginning of the year found millions of user passwords stored in plaintext on … [Read more...]

3 GDPR compliance mistakes and how to avoid them

The GDPR (General Data Protection Regulation) has been in effect for almost a year, but its compliance requirements are still subject to a lot of confusion. Many organisations aren’t sure exactly what they’re supposed to be doing, and even more worryingly, some are working under false assumptions.  If you fall into either of those … [Read more...]

Hospital patients’ medical notes found on Drogheda estate

Hospital notes on patients who attended Our Lady of Lourdes Hospital in Drogheda, Co. Louth were discovered on a housing estate earlier this week.  The doctor handover notes, detailing the dates of birth, family situations, medical conditions and hospital wards attended of ten patients who visited the hospital’s emergency … [Read more...]

What are the 6 data protection principles of the GDPR?

A version of this blog was originally published 31 January 2018.  The GDPR (General Data Protection Regulation) outlines six principles that organisations must follow when collecting, processing and storing individuals’ personal data. Data controllers are responsible for complying with those principles, and they must have documented proof of how the organisation is meeting … [Read more...]