Free tools and resources for Data Protection Officers!

Tag Archives for " data breach "

Dangerous misconceptions about data breaches

Not all breaches are the same, nor always a failure of company processes, but executives need to take steps to ensure the long-term security of their marketing data.

Many data breaches, including most of the ones making headlines over the past year, are much subtler. These breaches, which can take months if not years to uncover, originate from a lack of proper controls and understanding of vulnerabilities.

Full article: Dangerous misconceptions about data breaches – MarTech Today

Risks from stolen Marriott data: espionage, ID theft, home burglaries

The data stolen from the Marriott hotel empire in a massive breach is so rich and specific it could be used for espionage, identity theft, reputational attacks and even home burglaries, security experts say.

Affected reservation system could be extremely enticing to nation-state spies interested in the travels of military and senior government officials.

Full article: Risks from stolen Marriott data: espionage, ID theft, home burglaries – East Bay Times

Marriott Hacking Exposes Data of Up to 500 Million Guests

Marriott International acknowledged on Friday that an “unauthorized party had copied and encrypted information” belonging to about 500 million customers on its Starwood reservations system.

The personal information of customers that was stolen includes names, dates of birth, passport numbers and payment numbers.

Full article: Marriott Hacking Exposes Data of Up to 500 Million Guests – The New York Times

Instagram GDPR Tool Exposes Subscriber Passwords

A warning has been issued by Instagram that a number of users of the social media platform have had their password details exposed by a security leak.

Ironically, this breach occurred due to a flaw in the ‘Download Your Data’ tool that Instagram added to the platform to allow users to download a copy of their own data. Instagram sent these users their passwords in plain text. This feature was implemented in April in order to ensure compliance with the European Union General Data Protection legislation which became enforceable on May 25 this year. The tool was developed due to privacy concerns in the aftermath of Facebook’s Cambridge Analytica scandal.

Full article: Instagram GDPR Tool Exposes Subscriber Passwords – Compliance Junction

Uber fined more than $1 million by U.K. and Dutch authorities

Uber was fined a combined $1.17 million by British and Dutch authorities Tuesday for a 2016 data breach that exposed the personal details of millions of customers. The penalties come from the U.K.’s Information Commissioner’s Office and the Dutch Data Protection Authority.

Source: Uber fined more than $1 million by U.K. and Dutch authorities

Stop focusing your information security efforts on the wrong things!

There once was a time not all that long ago when security teams could plead ignorant to IT security risks, with minimal possible consequence in terms of any significant damage coming to the company. Those days are long gone. In today’s era of advanced cyberattacks, information security is too important an element of business success to dismiss.

Full article: Stop focusing your information security efforts on the wrong things!

Uber fined £385,000 for data breach affecting millions of passengers

Uber’s European operation has been fined £385,000 for a data breach that affected almost 3 million British users, the Information Commissioner’s Office has announced.

In November 2016, attackers obtained credentials to access Uber’s cloud servers and downloaded 16 large files, including the records of 35 million users worldwide. The records included passengers’ full names, phone numbers, email addresses, and the location where they had signed up.

Source: Uber fined £385,000 for data breach affecting millions of passengers

E-commerce is winning as most Americans now trust online business with their data

Despite conflicting opinions about online privacy, customers choose to shop with companies that take reasonable security precautions.

Most Americans are actually willing to online shop with retailers that previously faced a security breach—if they have taken measures to secure data, according to the report. With years of conflicting news about cybersecurity threats and breaches, users have almost become desensitized to the information, the report found.

Full article: Why e-commerce is winning: Most Americans now trust online retailers with their data – TechRepublic

Cathay Pacific case shows data breach reporting challenges

Multinational companies experiencing a major data breach face significant challenges in co-ordinating co-operation with investigating authorities around the world.

The scale of the challenge was highlighted recently when the chief executive of airline Cathay Pacific, Rupert Hogg, revealed that the company had provided details of a data breach the business first disclosed last month to 27 different authorities spanning 15 jurisdictions.

The case is an example of how the discovery of data breaches can trigger a duty to notify those breaches to not only data protection authorities and impacted customers, but financial regulators and financial markets too.

Full article: Cathay Pacific case shows data breach reporting challenges

1 2 3 25
>