Free tools and resources for Data Protection Officers!

Tag Archives for " data breach "

Uber fined £385,000 for data breach affecting millions of passengers

Uber’s European operation has been fined £385,000 for a data breach that affected almost 3 million British users, the Information Commissioner’s Office has announced.

In November 2016, attackers obtained credentials to access Uber’s cloud servers and downloaded 16 large files, including the records of 35 million users worldwide. The records included passengers’ full names, phone numbers, email addresses, and the location where they had signed up.

Source: Uber fined £385,000 for data breach affecting millions of passengers

E-commerce is winning as most Americans now trust online business with their data

Despite conflicting opinions about online privacy, customers choose to shop with companies that take reasonable security precautions.

Most Americans are actually willing to online shop with retailers that previously faced a security breach—if they have taken measures to secure data, according to the report. With years of conflicting news about cybersecurity threats and breaches, users have almost become desensitized to the information, the report found.

Full article: Why e-commerce is winning: Most Americans now trust online retailers with their data – TechRepublic

Cathay Pacific case shows data breach reporting challenges

Multinational companies experiencing a major data breach face significant challenges in co-ordinating co-operation with investigating authorities around the world.

The scale of the challenge was highlighted recently when the chief executive of airline Cathay Pacific, Rupert Hogg, revealed that the company had provided details of a data breach the business first disclosed last month to 27 different authorities spanning 15 jurisdictions.

The case is an example of how the discovery of data breaches can trigger a duty to notify those breaches to not only data protection authorities and impacted customers, but financial regulators and financial markets too.

Full article: Cathay Pacific case shows data breach reporting challenges

Amazon hit with major data breach

Amazon has suffered a major data breach that caused customer names and email addresses to be disclosed on its website, just two days ahead of Black Friday.

The firm said the issue was not a breach of its website or any of its systems, but a technical issue that inadvertently posted customer names and email addresses to its website.

Source: Amazon hit with major data breach days before Black Friday

A leaky database of SMS text messages exposed password resets and 2FA codes

A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more.

The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages.

Source: A leaky database of SMS text messages exposed password resets and two-factor codes | TechCrunch

Facebook May Face 100M Euro Lawsuit Over Privacy Breach

A French nongovernmental organization wants Facebook Inc. to pay 100 million euros ($113 million) and fix any problems stemming from recent data security incidents and privacy breaches.

The Internet Society of France says Facebook collected data on nonusers without getting their consent, and illegally limited its responsibilities with respects to personal information. The NGO also claimed that Facebook unduly collected the political opinions, religious beliefs, and sexual orientation of its users in violation of EU privacy laws.

The Internet Society is seeking 100 million in euros from Facebook if they can get 100,000 EU data subject to join the complaint. The organization said Facebook has four months to respond before it files its action in the Court of First Instance of Paris.

Source: Facebook May Face 100M Euro Lawsuit Over Privacy Breach

Massive Data Leaks Keep Happening Because Big Companies Can Afford to Lose Your Data

If you live in the United States, there’s almost a 50 percent chance your personal data was lost in the giant Equifax data breach a year ago of 143 million records. Google, Facebook had recend breaches. Over the last five years alone, major breaches at Anthem, eBay, JPMorgan Chase, Home Depot, Yahoo, Target, Adobe …

Each day there must have been another major data breach that keeps criminal hackers gainfully employed by selling your information. Bad guys keep getting smarter, experts say. Why not corporations? The short answer is, because it’s not worth their trouble.

Full article: Massive Data Leaks Keep Happening Because Big Companies Can Afford to Lose Your Data – Motherboard

ICO publishes report on use of data analytics in political campaigns

UK’s data protection authority ICO has published a report to Parliament that brings the various strands of its investigation up to date. ICO found a disturbing disregard for voters’ personal privacy by players across the political campaigning eco-system — from data companies and data brokers to social media platforms, campaign groups and political parties.

UK Information Commissioner is calling for views for a code of practice covering the use of data in campaigns and elections. It will simplify the rules and give certainty and assurance about using personal data as a legitimate tool in campaigns and elections.

Source: Blog: Information Commissioner’s report brings the ICO’s investigation into the use of data analytics in political campaigns up to date | ICO

Data Breaches Compromised 4.5 Billion Records in First Half of 2018

Gemalto released the latest findings of the Breach Level Index, a global database of public data breaches, revealing 945 data breaches led to 4.5 billion data records being compromised worldwide in the first half of 2018. Compared to the same period in 2017, the number of lost, stolen or compromised records increased by a staggering 133 percent, though the total number of breaches slightly decreased over the same period, signaling an increase in the severity of each incident.

A total of six social media breaches, including the Cambridge Analytica-Facebook incident, accounted for over 56 percent of total records compromised. Of the 945 data breaches, 189 (20 percent of all breaches) had an unknown or unaccounted number of compromised data records.

Source: Data Breaches Compromised 4.5 Billion Records in First Half of 2018*

>