We may see a Marriott GDPR fine applied after the monumental breach that was discovered last year, given the volume of people affected and the nature of the breach.
As many as 500 million people were affected, with data said to have been compromised between 2014 and 2018. An unauthorised third-party is said to have accessed the guest reservation table fore the Startword division of the company. Data exposed in the breach included a lot of personal and account data.
The breach lapses over GDPR coming into force in May 2018. That means that the ICO (Information Commissioner’s Office) could issue a fine that equates to 4% of the Marriott’s global annual turnover.
Posted by Matthew on February 21, 2019 in the following categories: Cybersecurity Data GDPR Hacking News ICO Latest Security Technology and tagged with apps | cyber attack | cyber crime | cybersecurity | online security | personal data
A Deliveroo data breach “incident” is said to have been reported to the ICO who have confirmed that they’re making inquiries.
Back in 2016, the food delivery company faced scrutiny after customers complained of fraudulent transactions on their accounts. In some cases, it appeared the issues were down to people’s credentials being stolen in hacks completely separate to Deliveroo. Criminals had used stolen credentials to access accounts in cases where credentials were reused.
Deliveroo were subsequently criticised over what some customers felt was a failure to spot and stop fraudulent transactions. In this latest incident, it appears that history may be repeating itself.
Posted by Matthew on February 18, 2019 in the following categories: Cybersecurity Data GDPR Latest Security Social Networking Technology and tagged with cybersecurity | data controllers | data leak | facebook | online security | personal data | social media data breaches
Greater Facebook regulation is looking imminent after a year-long inquiry that included issues over the misuse of personal data.
The inquiry, launched in-part after the Cambridge Analytica scandal, comes after a spate of recent data breach incidents involving the social medial platform. The recommendations made by the Digital, Culture, Media and Sport Committee include an independent regulator to oversee tech firms like Facebook.
It’s not been an easy process judging from the remarks of MPs and others involved with the inquiry. Facebook founder, Mark Zuckerberg, didn’t even come to the UK to answer questions himself, which has reportedly caused a stir.
Posted by Matthew on December 18, 2018 in the following categories: Cybersecurity Data GDPR Mobile Data Security Smartphones Social Networking and tagged with apps | cybersecurity | data leak | database security | facebook | online security | personal data
There’s been another Facebook data leak, and yet again, millions of users are said to have been affected.
The fines that Facebook could now face in accordance with GDPR are mounting. This is one of many data leaks that have been revealed recently. The previous one, affecting some 29m users, was only discovered a couple of months ago.
In this latest Facebook data leak, a software bug has led to users’ photos being uploaded to websites without permission.
Posted by Matthew on December 10, 2018 in the following categories: Cybersecurity GDPR Group Action and tagged with compensation | cyber attack | cybersecurity | data breach | data controllers | online security | personal data
If you need legal advice about the Marriott data breach, we can help. This is another huge breach that has led to private and sensitive data being exposed.
This has to be 2018’s mega breach. Although we thought the British Airways one was the breach to set the bar, this one is obscene in terms of data breached and the timeframe. Some 500 million customers whose data was on Marriott’s Starwood reservation database has been comprised since 2014. Anyone with data on the system up until 10th September 2018 may be affected.
If you’ve received notification that you’re a victim of the Marriott data breach and you’re based in England or Wales, we can help.
It seems highly likely there will be some form of Facebook GDPR fine coming at some time. The recent data breaches cannot go unpunished.
As data breaches and our rights to privacy continue to grow in importance, people want to know how GDPR will be there to protect us. With the massive Facebook data breach that took place in September fresh in our minds, people want to know what kind of Facebook GDPR fine may be issued.
Facebook could find themselves as the marker in Europe for how far the new GDPR will go. Although it isn’t the first company to have been at the centre of a data breach since the rule change in May, it could be the biggest.
Earlier this month, an apology was issued over the Southwark Council data leak, and the matter was brought to the attention of regulators.
The personal information of around 20 people was accidentally leaked as part of a Freedom of Information request. The request had asked for correspondence between council officials and Delancey, an asset management company.
The personal information had not been redacted, resulting in the leak. The Information Commissioner’s office (ICO) has been informed.
If you’ve been affected by the recent Npower data breach, we can help with legal advice and compensation representation.
Npower sent out some 5,000 letters addressed to customers with solar panels. However, the letters contained the details for other customers as opposed to the information for the addressee. Some contained additional sheets containing further information for more customers.
Npower has apologised for the breach, which has been referred to the ICO (Information Commissioner’s office).
According to some recent and rather worrying research, the question as to who is responsible for data protection is that it’s a HR problem, some executives say.
According to a spread of UK executives who were asked about where the responsibilities are in terms of compromised credentials, like stolen or misused passwords, it’s a HR training issue.
It’s understood that one-fifth of respondents placed the responsibility in the hands of HR departments, with close to a thousand executives questioned. Some respondents also considered compromised credentials and weak passwords as very little risk to the business as well.
Cybersecurity is not a priority for most businesses in the UK, results from recent research has indicated.
Despite us being in a time where the importance of cybersecurity has never been more prevalent, businesses are still not showing the respect to cybersecurity that it deserves. In fact, recent research suggested that just 10pc of UK businesses see cybersecurity as their biggest challenge to economic success, despite 2018 being the big year of the GDPR changes.
With the Information Commissioner’s Office (ICO) now having the power to fine data breach offenders up to £17m, how cybersecurity is not a priority is incredibly baffling.