For the European Union Institutions and Bodies these Guidelines provide recommendations and indicate best practices to implement accountability for personal data protection by helping to assess and manage the risks for data protection, privacy and other fundamental rights of individuals in case of a personal data breach. The Guidelines describe: – What a personal data … Read more
The American company Medical Informatics Engineering (MIE) has been indicted by 12 American states for a data breach in 2015 in which nearly 4 million patient data came into criminal hands. In May 2015, malicious people were able to invade the company’s back-end systems. They managed to steal data from 3.9 million citizens there. It … Read more
Quora states that last Friday the discovery was that an unidentified malicious third-party managed to gain unauthorized access to one of its systems and stole data on approximately 100 million users—that’s almost half of its entire user base. The personal user information compromised in the breach includes: – Account information: names, email addresses, encrypted (hashed) … Read more
Data that Windows 10 Enterprise and Microsoft Office collects from and about users and stores in a database in the United States poses a risk to the privacy of users, according to research by the Ministry of Justice and Security. The Data Protection Impact Assessment (DPIA) which was executed on the ‘Windows 10 Enterprise’ and … Read more
Cathay Pacific, one of the main airlines in Hong Kong, says records on as many as 9.4 million passengers may have been stolen in a data breach in March which has been made public last Wednesday. The airline said in a statement that there was “no evidence” that passenger data had been misused, but warned … Read more
Digital forensic examination revealed that an employee had an extensive history of visiting adult pornography websites. Many of the 9,000 web pages visited routed through websites that originated in Russia and contained malware. The analysis confirmed that many of the pornographic images were subsequently saved to an unauthorized USB device and personal Android cellphone connected … Read more
Bupa Insurance Services Limited (Bupa) has been fined £175,000 by the Information Commissioner’s Office (ICO) for failing to have effective security measures in place to protect customers’ personal information. Between 6 January and 11 March 2017, a Bupa employee was able to extract the personal information of 547,000 Bupa Global customers and offer it for … Read more
In 4 months, the French Data Protection Authority Cnil has received 742 notifications of personal data breaches, affecting 33.7 million people in France and abroad. Since the start on the 25th of May the European Data Protection Regulation (GDPR) requires companies to notify CNIL within 72 hours of any violation of personal data held by … Read more