fbpx

Download free GDPR compliance checklist!

Tag Archives for " data breach "

Major breach found in biometrics system used by banks, UK police and defence firms

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

Suprema is the security company responsible for the web-based Biostar 2 biometrics lock system that allows centralised control for access to secure facilities like warehouses or office buildings. Biostar 2 uses fingerprints and facial recognition as part of its means of identifying people attempting to gain access to buildings.

Recently Biostar 2 platform was integrated into another access control system – AEOS, that is used by 5,700 organisations in 83 countries, including governments, banks and the UK Metropolitan police. In a search last week, the researchers found Biostar 2’s database was unprotected and mostly unencrypted.

Source: Major breach found in biometrics system used by banks, UK police and defence firms | Technology | The Guardian

Data breach activity at its worst in 2019

A new report by Risk Based Security says that 2019 is on track to being the “worst year on record” for data breach activity.

The 2019 Midyear Quickview Data Breach Report from Risk Based Security reports the number of data breaches is already up by 54% over last year, with half the year left to go.

Source: #privacy: Data breach activity at its worst in 2019, report finds

Study highlights greater risks run by small businesses that suffer a data breach

Almost a third of consumers have said that a small business would lose their loyalty in the event of a data breach.

While no business is free from the risk of cyber-crime, larger organisations are usually more able to deal with data breach incidents, as they typically have greater finances, IT resources and expertise to invest into cyber-combat and breach recovery.

Source: #privacy: Study highlights greater risks run by small businesses that suffer a data breach

Why Bringing Data Privacy Management To The Board Level Will Reduce Data Breaches

Learning from recent breaches and the need for a greater understanding of privacy in the enterprise, it’s time for companies to take a new, proactive approach to data management.

Making data privacy decisions in a silo is no longer enough. Organizations must now implement robust data privacy practices that also involve their board members on an operational and technical level to protect themselves and their customers’ well-being.

Source: Council Post: Why Bringing Data Privacy Management To The Board Level Will Reduce Data Breaches

Facebook confirms 419m phone numbers exposed in latest privacy lapse

Hundreds of millions of Facebook users’ phone numbers were exposed in an open online database, the company confirmed Wednesday.

More than 419m Facebook IDs and phone numbers were stored in an online server that was not password protected. The dataset included about 133m records for users in the US, 18m records for users in the UK and 50m records for users in Vietnam.

Source: Facebook confirms 419m phone numbers exposed in latest privacy lapse | Technology | The Guardian

A huge database of Facebook users’ phone numbers found online

Hundreds of millions of phone numbers linked to Facebook accounts have been found online.

The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam.

Source: A huge database of Facebook users’ phone numbers found online | TechCrunch

How long should it take to risk-score a privacy incident?

If you’ve been in the privacy world for any amount of time, you recognize there has been a marked increase in the speed at which our world operates.

New threats to our data are introduced every day. With the expanding scope of what constitutes protected and sensitive data, the number of privacy cases we must manage at any given time is increasing. Privacy professionals are being asked to do more and faster than ever.

Full article: How long should it take to risk-score a privacy incident?

Annual global data breach costs to exceed $5 trillion by 2024

The annual cost of worldwide data breaches will surpass $5 trillion by 2024, according to a newly published Juniper Research report.

Current yearly cost totals sit at $3 trillion, which means the jump to $5 trillion in five years represents an average annual growth of 11 percent.

Juniper’s forecast also anticipates that most breaches through 2024 will target small- and medium-sized enterprises with budgets that are insufficient to adequately defend against cyber threats.

Source: Annual global data breach costs to exceed $5 trillion by 2024: report

Bulgarian DPA fines bank €500,000 for data breach

Bulgaria’s data protection authority (DPA) – Commission for Personal Data Protection – has imposed a 1 million levs (about 500,000 euro) fine on DSK Bank for a data breach that impacted upon more than 33,000 of its clients.

During the course of its month-long investigation the DPA has found that DSK Bank did not apply the relevant technical and organisational measures in order to ensure the protection of the personal data of individuals and third persons connected to them.

Source: Personal Data Protection Commission

4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data

Grindr, Romeo, Recon and 3fun were found to expose users’ exact locations, just by knowing a user name. Four popular dating apps that together can claim 10 million users have been found to leak precise locations of their members.

“By simply knowing a person’s username we can track them from home, to work,” explained Alex Lomas, researcher at Pen Test Partners, in a blog on Sunday. “We can find out where they socialize and hang out. And in near real-time.”

Source: 4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data | Threatpost

>