Tag Archives for "data breach"

Lessons for Corporate Boardrooms From Yahoo’s Cybersecurity Settlement

The former officers and directors of Yahoo agreed to pay $29 million to settle charges that they breached their fiduciary duties in their handling of customer data during a series of cyberattacks from 2013 until 2016.

Three billion Yahoo user accounts were compromised in the attacks. The settlement ended three so-called derivative lawsuits filed in Delaware and California against the company’s former leadership team and board, including Marissa Mayer, Yahoo’s former chief executive. Insurance coverage will pick up the tab.

Source: Lessons for Corporate Boardrooms From Yahoo’s Cybersecurity Settlement – The New York Times

Report reveals the dangers and trends of malware through 2018

Last year, the arrival of the EU’s General Data Protection Regulation sent shockwaves through the world of data protection. Big corporates registered record-breaking data breaches, while pre-GDPR transgressions such as those committed in the Facebook/Cambridge Analytica scandal fell under the heightened scrutiny of a more privacy-conscious age.

Full article: Report reveals the dangers and trends of malware through 2018

Largest collection of breached data ever seen is found

The largest collection of breached data ever seen has been discovered, comprising more than 770m email addresses and passwords posted to a popular hacking forum in mid-December.

The 87GB data dump was discovered by security researcher Troy Hunt, who runs the Have I Been Pwned breach-notification service. Hunt, who called the upload “Collection #1”, said it is probably “made up of many different individual data breaches from literally thousands of different sources”, rather than representing a single hack of a very large service.

Source: Largest collection of breached data ever seen is found | Technology | The Guardian

Almost half of companies still can’t detect IoT device breaches

Research released today reveals that only around half (48%) of businesses can detect if any of their IoT devices suffers a breach, despite companies having an increased focus on IoT security. The research by Gemalto found that spending on protection has grown (from 11% of IoT budget in 2017 to 13% now), with nearly all (90%) believing it is a big consideration for customers.

Full article: Almost half of companies still can’t detect IoT device breaches

GDPR May Add Up To $8.8B Marriott’s Data Breach Expenses

The Marriott data breach is under investigation in several countries where the hotel and resorts giant has a presence. In the E.U., the Information Commissioner’s Office (ICO) leads the investigation.

Given that the global annual revenue of the company reached $22.89 billion in 2017 and the strictest fine could amount to 4% of it, the sanctions imposed by the E.U. could be translated to $8.8 billion.

Full article: GDPR May Add Up To $8.8B Marriott’s Data Breach Expenses

Cambridge Analytica’s parent pleads guilty to breaking UK data law

Cambridge Analytica’s parent company, SCL Elections, has been fined £15,000 in a UK court after pleading guilty to failing to comply with an enforcement notice issued by the national data protection watchdog, the Guardian reports.

While the fine itself is a small and rather symbolic one, given the disgraced political analytics firm went into administration last year, the implications of the prosecution are more sizeable.

Full article: Cambridge Analytica’s parent pleads guilty to breaking UK data law

Altogether, more than 1 billion people had their data compromised in 2018

From credit card skimming to technology bugs to massive outright hacks, 2018 was one of the worst years on record, if not the worst, in terms of data breaches that hit companies and hurt consumers around the world.

When you tally up all of the most significant and worst data breaches of the year, the result you arrive at is the stunning fact that we learned more than 1 billion people’s data was potentially compromised at some point in 2018.

Full article: Altogether, more than 1 billion people had their data compromised in 2018 – BGR

Uber fined €400,000 in France over data breach

Uber in France has been hit with a €400,000 fine by the country’s data protection watchdog in response to a major data breach the company experienced in 2016.

The Commission Nationale de l’Informatique et des Libertés (CNIL) said 1.4 million customers of Uber France SAS were impacted by the breach and said it could have been prevented if the company had implemented “basic security measures”.

Full article: Uber fined €400,000 in France over data breach

How one hacked laptop led to an entire network being compromised

A corporate laptop being used in a coffee shop at a weekend was enough to allow a sophisticated cybercrime group to compromise an organisation’s entire infrastructure.

The incident was detailed by cybersecurity firm Crowdstrike as part of its Cyber Intrusion Services Casebook 2018 report and serves as a reminder that laptops and other devices that are secure while running inside the network of an organisation can be left exposed when outside company walls.

Full article: How one hacked laptop led to an entire network being compromised | ZDNet

Data breach whistle-blowers rise after GDPR

The General Data Protection Regulation has given people the courage to notify the authorities of any data breaches that otherwise may have gone under their radar.

According to law firm RPC, there has been a 165 per cent increase in the number of whistle-blower reports since GDPR came into force last May. Looking at raw figures, a total of 82 reports have been made to the ICO, compared to 31 before GDPR.

Full article: Data breach whistle-blowers rise after GDPR | ITProPortal
