The EU’s General Data Protection Regulation imposes stricter obligations on data controllers and processors to ensure the security of personal data. One of the new mechanisms introduced to reach this objective is data breach notification, a concept familiar to U.S.-based privacy professionals, but still relatively new to the EU.
The Office of the Australian Information and Privacy Commissioner has published draft resources for the Notifiable Data Breaches scheme, asking for public comment.
An international team of researchers detected a vulnerability potentially affecting digital use of Estonian ID cards issued since October 2014.
One of the worlds largest consulting firm “Accenture” owned four biggest cloud-based storage servers left openly in public without securing tons of highly sensitive data that could be downloaded without a password by anyone who knew the servers web addresses.
The Equifax breach has dominated headlines since it was announced earlier this month — and for good reason. The personal data of well over half the U.S. population, when adjusted for children and others who do not have need for credit reports, was affected.
Canadian companies that try to hide data breaches could soon face fines under new regulations being proposed by the federal government. The move would force companies to let people know if their personal information has fallen into the wrong hands.
Misleading press stories have claimed that all breaches will need to be reported to the Information Commissioner’s Office and customers alike; others say all details of the breach need to be known straight away and some say there’ll be huge fines for failing to report.
Access by employees to customers’ data has to be subject to stringent privacy restrictions and limitations according to a decision of the Italian data protection authority. The decision of the Italian data protection authority An individual had complained to the Italian privacy authority about the breach of his privacy rights due to the illegal access to his bank account transactions.
Equifax, one of the largest credit reporting agencies, revealed on Thursday that it was hacked back in May, exposing the personal data of up to 143 million people. The data accessed by hackers contains extremely sensitive information like social security numbers, birth data, consumer’s names, driver’s license numbers and credit card numbers.
Social Security numbers, which have been around since the 1930s, have only one intended purpose: to track US citizens’ earnings and contributions to the Social Security program. However, universality of SSN ownership has in turn led to the SSN’s adoption by private industry as a unique identifier. Unfortunately, this universality has led to abuse.