Tag Archives for " data breach "

2.6bn records have been exposed in data breaches so far this year

While the volume of data breaches has actually decreased from last year, exposed records remain stubbornly high. The report shows that 2,308 publicly announced data breaches occurred, with 2.6bn records exposed along the way.

Source: 2.6bn records have been exposed in data breaches so far this year

Highest reported breaches ever according to ICO annual report

UK’s Information Commissioner’s Office (ICO) has recently released its annual report for 2017 – 2018. One of the most obvious impacts of GDPR revieled by the report is the number of breaches reported to the ICO. In 2016-17 2,565 breaches were reported, and 3,311 breaches reported in 2017-18. The annual report covers the period to 31 March 2018 (i.e. before GDPR came into effect) which makes the jump striking.

Source: Highest reported breaches ever according to ICO annual report

5 Lessons Learned on Data Breach Management

The GDPR mandates controllers and processors to have technical and organizational measures in place to ensure an appropriate level of security for personal data. They should have the ability to detect, address and report data breaches in a timely manner. Many internal procedures were drafted in anticipation of the entry into force of the GDPR. Now, two months after GDPR Day, here are five lessons learned from data breach management, as, yes, numerous personal data breaches have occurred since then, of which authorities were notified, in pretty significant numbers and in a variety of sectors.

Read article: 5 Lessons Learned on Data Breach Management after 2 Months of GDPR: Friday Is Calling – Publications – Mayer Brown

India launches investigation on Facebook data breach

CBI has initiated a preliminary enquiry against Cambridge Analytica and Global Science Research for alleged illegal personal data harvesting of Indian personal data. It is alleged that Cambridge Analytica received data from Global Science Research which employed “illegal means” of personal data harvesting of Indians using Facebook.

Source: Facebook data breach: CBI initiates preliminary enquiry against Cambridge Analytica, GSR | India News – Times of India

Breach reporting: lessons learned

Amongst the most immediate and visible impacts of the GDPR is the requirement to report data breaches to the Information Commissioner’s Office (“ICO”), which came into force on 25 May 2018. Now that this requirement has had some time to bed in, what can we learn from how both data controllers and the ICO have implemented it over the past couple of months?

Read article: Breach reporting: lessons learned

Reddit hack: data held in 2007 exposed

Reddit, the website supporting discussion and content ratings, has confirmed it was subject to a data breach, affecting all data held in 2007 and before and email digests sent in June of this year. “Although it was a serious attack,” said Reddit in a statement, “the attacker did not gain write access to Reddit systems; they gained read-only access to some systems that contained backup data, source code and other logs.” Information involved consisted of: “A complete copy of an old database backup containing very early Reddit user data – from the site’s launch in 2005 through to May 2007.

Source: Reddit hack: data held in 2007 exposed

More than 40% of reported security breaches are caused by employee negligence

Research shows that employees are often the root cause of business security breaches. More training will help, but better security will require cultural change. More than 40% of senior executives and small business owners report that employee negligence or accidental loss was the root cause of their most recent data security breach. 96% of consumers view employee negligence as at least a minor contributor to data breaches at US companies.

Source: More than 40% of reported security breaches are caused by employee negligence – TechRepublic

ICO receives record number of breach notifications

In UK the number of self-reported data breaches has increased by 29% from 2,447 last year to 3,156 this year. Under the GDPR, organisations are obliged to report serious data breaches to the data protection authority (ICO in UK). In June, after the GDPR had entered into force, the ICO received 1,700 notifications which is a sharp increase compared with previous levels (around 360-390 breach notifications per month).

Source: ICO receives record number of breach notifications – Privacy Laws & Business

1 2 3 19
>