We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
The Plusnet data breach that was revealed in September 2018 was another example of a system update that went horribly wrong.
During the process of the internet provider updating its billing system, a data breach incident occurred. The issue led to a number of customers being able to view the personal data for other customers instead of their own.
The Plusnet data breach is practically the same as the huge TSB bank software issue from earlier this year. When they updated their systems, customers were able to see the banking details for other customer. Some were even able to transfer money and make payments.
A Bupa data breach has led to a significant fine from regulators in the sum of £175,000.00 after 198 complaints were made.
The breach period occurred between January and March 2017, meaning it has not attracted a GDPR fine. However, a large fine was levied because Bupa were found to have failed to take enough action to protect their customers’ data.
It has also transpired that customer data was vulnerable at the time of the initial data breach. This stemmed from a lack of monitoring of their customer relationship management system, known as SWAN.
According to some recent and rather worrying research, the question as to who is responsible for data protection is that it’s a HR problem, some executives say.
According to a spread of UK executives who were asked about where the responsibilities are in terms of compromised credentials, like stolen or misused passwords, it’s a HR training issue.
It’s understood that one-fifth of respondents placed the responsibility in the hands of HR departments, with close to a thousand executives questioned. Some respondents also considered compromised credentials and weak passwords as very little risk to the business as well.
There are suggestions that mobile phone data protection is lagging behind as a result of security immaturity and attitudes toward mobile safety.
The smartphone industry in particular has grown exponentially in recent years, and with more than half of the internet’s traffic thought to be on mobile devices, and with mobile apps springing up all the time, some experts are concerned at the lack of maturity mobile phone data protection has when compared to desktop protection.
Does security and attitudes need to change?
The year of 2017 saw a monumental 2.7 BILLIION data records compromised around the world as a result of data breaches and data hacks, estimates say.
This overall estimated figure of data records compromised is terrifying, with the UK reportedly in second place (behind the US) when it comes to the league table of breaches around the world.
They really are happening all the time and all over the place, and figures suggest that numbers have almost doubled in the UK from 2016 to 2017.
Cybersecurity is not a priority for most businesses in the UK, results from recent research has indicated.
Despite us being in a time where the importance of cybersecurity has never been more prevalent, businesses are still not showing the respect to cybersecurity that it deserves. In fact, recent research suggested that just 10pc of UK businesses see cybersecurity as their biggest challenge to economic success, despite 2018 being the big year of the GDPR changes.
With the Information Commissioner’s Office (ICO) now having the power to fine data breach offenders up to £17m, how cybersecurity is not a priority is incredibly baffling.
The MyFitnessPal data breach has triggered a lawsuit against parent company Under Armour, filed on behalf of users of the mobile health app.
The legal case is being described as a putative class action against Under Armour for the liability over the theft of millions of users’ personal information. The allegations are that the MyFitnessPal data breach was caused by Under Armour’s failure to safeguard the data they held for users.
150 million users were reportedly affected by the MyFitnessPal data breach, which includes countless victims in the UK as well. read more
The MyHeritage data breach was a massive wake-up call about the dangers of providing personal and sensitive data to companies, with some 92m users affected by the breach.
When we have the ability to provide companies like MyHeritage with DNA information, which is used together with personal and sensitive information and a wealth of data about family histories, the massive MyHeritage data breach is a monumental wake-up call.
The family networking and genealogy site discovered the data breach last month, which reportedly took place in October last year.
Charity data breach incidents appear to be on the rise, and there are a number of reasons as to why they can be an easy target for hackers, and why they may fall foul of data laws more easily than some other organisations.
According to recent figures, there were 59 charity data breach incidents reported to the Information Commissioner’s Office (ICO) between January and March in 2018. This is a 69pc rise on the previous year’s period.
Although the figures appear to be in-line with rises seen in some other sectors, which may be due to the greater awareness of data breach laws given the new GDPR, the figures cannot be ignored.
Creator and founder of HaveIBeenPwned.com, Troy Hunt, discovered yet another data dump last year. This one reportedly contained personal data belonging to millions in this staggering South African data breach.
At the time of discovery, the information was available from an online public database back-up file and even came with a smaller compressed version. Anyone on the site could download the information.
read more
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.