Organizations often ask how much chance they have on data protection fines and how much financial reserve they should make for that. Unit 27 June EDPB guidelines on calculating GDPR fines are released for public consultation. Interesting is to have a look at the example for mitigating and aggravating factors that could influence the height … Read more
Bank of Ireland failed to:– report dataleaks without delay;– provide sufficient detail to the DPC;– issue communications to data subjects without undue delay;– failed to implement appropriate technical and organisational measures. Result: €463,000 fine
“Various claims are filed as a result of the issuance of duplicate SIM cards to third parties other than subscribers. As a result of the above, the holders of the telephone line are not only left without service, but the third parties access their bank accounts.” “Spanish DPA carries out research actions to analyze the … Read more
The Google Dialer and Messages apps, which are installed by default on Android phones, collect all kinds of private data from users and send it to Google, according to researchers from Trinity College Dublin based on their own research. The apps are used for calling and sending and receiving SMS and other messages. According to … Read more
The personal and salary data of 637,000 Albanians, about a quarter of the population, has been stolen and leaked on the internet. It concerns names, identity card and passport numbers, telephone numbers, salary, position and employer that are contained in two Excel documents that are shared via WhatsApp, according to the Albanian Exit News. The … Read more
According to the CEO the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data. Compromised information includes customer names, addresses, Social Security … Read more
Power Apps, a low-code development platform for creating business-intelligence tools, were susceptible to a default configuration that made their data sets findable by search engines or anyone with knowledge of the web address. 38 million records pf 47 organizations— containing names, dates of birth, addresses and, in some cases, Social Security numbers were exposed.
Cyberinsurance giant AXA said that it would no longer be writing policies to cover ransomware payments. Now AXA in Thailand, Malaysia, Hong Kong, and the Phillippines have reportedly been hit… by a ransomware attack. The ransomware gang posted on its website over the weekend that it had stolen 3 terabytes worth of data, including: customers’ … Read more
Researchers reported on Tuesday that Amazon Web Services System Manager (SSM) misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents.
According to researchers at the American Ponemon Institute, cyber attacks are the leading cause of data leaks, followed by technical defects, configuration errors in the cloud and human error. The “Cost of a Data Breach Report 2020” study conducted by IBM among 3,200 people from 524 organizations shows that the average cost per leaked or … Read more