Free tools and resources for Data Protection Officers!

Tag Archives for " data breach "

Ottawa plans to fine companies that fail to report data breaches

Canadian companies that try to hide data breaches could soon face fines under new regulations being proposed by the federal government. The move would force companies to let people know if their personal information has fallen into the wrong hands.

Source: Ottawa plans to fine companies that fail to report data breaches – Politics – CBC News

GDPR: setting the record straight on data breach reporting

Misleading press stories have claimed that all breaches will need to be reported to the Information Commissioner’s Office and customers alike; others say all details of the breach need to be known straight away and some say there’ll be huge fines for failing to report.

Source: GDPR – setting the record straight on data breach reporting | ICO Blog

Is your customers’ data protected from your employees?

Access by employees to customers’ data has to be subject to stringent privacy restrictions and limitations according to a decision of the Italian data protection authority. The decision of the Italian data protection authority An individual had complained to the Italian privacy authority about the breach of his privacy rights due to the illegal access to his bank account transactions.

Source: ITALY: Is your customers’ data protected from your employees?

Why do big hacks happen? Blame Big Data!

Equifax, one of the largest credit reporting agencies, revealed on Thursday that it was hacked back in May, exposing the personal data of up to 143 million people. The data accessed by hackers contains extremely sensitive information like social security numbers, birth data, consumer’s names, driver’s license numbers and credit card numbers.

Source: Why do big hacks happen? Blame Big Data | Jathan Sadowski | Opinion | The Guardian

The Equifax Breach Exposes America’s Identity Crisis

Social Security numbers, which have been around since the 1930s, have only one intended purpose: to track US citizens’ earnings and contributions to the Social Security program. However, universality of SSN ownership has in turn led to the SSN’s adoption by private industry as a unique identifier. Unfortunately, this universality has led to abuse.

Source: The Equifax Breach Exposes America’s Identity Crisis | WIRED

The Equifax breach, response, and fallout

Consumer credit reporting agency Equifax announced late Thursday hackers had breached some of its website application software, potentially affecting the sensitive personal information of approximately 143 million consumers. The data that was accessed included consumers’ names, Social Security numbers, birth dates, addresses, and, in some instances, driver’s license numbers. The incident may have also compromised credit card numbers for 209,000 U.S. consumers, as well as other “dispute documents” that contained identifying information for 182,000 consumers.

Source: The Equifax breach, response, and fallout

Lack of Injury Dooms Scottrade Data Breach Class Suit Appeal

US federal appeals court rejected class action over a 2013 data breach at that affected more than 4.6 million securities discount brokerage’s Scottrade Inc. customers on grounds that plaintiffs didn’t demonstrate they had suffered actual damages.

Source: Lack of Injury Dooms Scottrade Data Breach Class Suit Appeal | Bloomberg BNA

Do I need to report this breach?

How does a data controller know, in the case of a personal data breach, whether it must report the breach to the supervisory authorities? How can we prevent “notification fatigue” or meaningless notifications to authorities? This article will explore such questions. In the majority of jurisdictions, personal data protection regulations impose a mandatory requirement to notify individuals and/or supervisory authorities when a personal data breach has occurred, even where personal data is not affected.

Source: Do I need to report this breach?

New duty to notify data breaches will provide general benefits to data privacy and security

Data security and privacy will be bolstered by the introduction of new data breach reporting requirements, the UK’s information commissioner has said.

Source: New duty to notify data breaches will provide general benefits to data privacy and security, says UK watchdog

Surprising stats on third-party vendor risk and breach likelihood

The statistics on third-party breaches vary widely, and it’s clear that organizations have trust issues when it comes to third parties reliably notifying them when an incident or a breach occurs.

Source: Surprising stats on third-party vendor risk and breach likelihood

>