Telefonica breach leaves data on millions exposed
Identity and payment information – including land line and mobile numbers, national ID numbers, addresses, banks, names and call records – was exposed although there is no evidence that any of the data was used in fraudulently. If Telefonica’s data had been protected by end-to-end encryption “there would be no breach to report under GDPR,as stolen encrypted data would be unusable. Now that GDPR is in effect, the Telefonica customer notifications and follow-up must be done in a compliant and potentially expensive way.