EDPB: Authorities received 65K data breach notifications in first nine months of GDPR

(May 17, 2019) The European Data Protection Board found EU national supervisory authorities received 64,684 data breach notifications in the first nine months under the EU General Data Protection Regulation, GovInfoSecurity reports. The EDPB report found the authorities also received 94,622 GDPR-related complaints in the same time period. Regulators in 11 European countries issued $63 million in fines for GDPR violations. “Nine months after the entry into application of the GDPR, the members of the EDPB are of... Read More

Philippine NPC investigates voter information breach

(May 16, 2019) Candidates in recent Philippine elections are being investigated by the National Privacy Commission for alleged improper, nonconsensual access of voter information, the Philippine News Agency reports. The NPC's investigation will determine how candidates were able to access voters' data and whether the information was processed in compliance with Data Privacy Act standards. “It has come to our attention that some individuals posted on social media about receiving from candidate/s a 'precinct loc... Read More

OAIC releases quarterly data breach report

(May 16, 2019) The Office of the Australian Information Commissioner published its Notifiable Data Breaches Quarterly Statistics Report, which revealed one breach that involved more than 10 million victims, ZDNet reports. The cause of the breach was not reported; however, the number of affected individuals was by far the most of any breach discovered during the quarter. The report showed that data breach notifications decreased to 215 from 262 last quarter. Nearly 61% of the 215 breaches were malicious cyberat... Read More

New Zealand Ministry of Social Development in breach of privacy laws

(May 16, 2019) New Zealand Privacy Commissioner John Edwards has announced that an investigation into the country's Ministry of Social Development revealed years of privacy violations under the Bill of Rights 1990. According to Edwards' report, the ministry violated citizens' rights to privacy with its tactics regarding their investigations into benefit fraud. The improper practices, which were brought forward by Auckland Action Against Poverty, included the unnecessary collection of beneficiaries' intimate te... Read More

Russian government websites leaked info of 2.25M people

(May 16, 2019) Informational Culture Co-Founder Ivan Begtin discovered several Russian government sites leaked the personal and passport information of more than 2.25 million individuals, ZDNet reports. Begtin found 23 sites leaked insurance account numbers and 14 sites leaked passport data. Other information leaked by the websites included names, job titles, email addresses and tax identification numbers. In a Facebook post, Begtin said he reached out to Russia’s federal communications supervisor, Roskomnadzo... Read More

Trump signs executive order to block communication tech that poses security risks

(May 16, 2019) U.S. President Donald Trump signed an executive order to block transactions that involve information and communication technologies that pose “an unacceptable risk to the national security of the United States,” CNBC reports. After the executive order was signed, the Department of Commerce announced Huawei Technologies and its affiliates were added to the Bureau of Industry and Security Entity List, which will make it harder for the company to conduct business in the U.S. “Restricting Huawei fro... Read More

Research shows correlation between data breaches and stock value

(May 16, 2019) Infosecurity Magazine reports a recent analysis that shows publicly traded companies that have experienced a data breach can be subject to a subsequent drop in stock value. Data security firm Bitglass' "Kings of the Monster Breaches" report looked at breaches for Marriott in 2018, Equifax in 2017 and Yahoo in 2016, revealing the companies endured a combined 7.5% post-breach drop in stock value. Each company lost an average of $5.4 billion, and Marriott and Yahoo averaged 46 days to redeem their ... Read More

Router security vulnerabilities raise global concerns

(May 15, 2019) Wired reports security holes have been discovered in Cisco's 1001-x series router. The router, which has the capacity to power institutions as large as stock exchanges, had a pair of vulnerabilities exposed by researchers at security firm Red Balloon. A bug in Cisco's Internetwork Operating System is the gateway hack researchers first discovered before going a step further by finding a way to bypass the router's Trust Anchor, the security feature Cisco has installed in products since 2013, and g... Read More

Twitter inadvertently collected, shared location data

(May 14, 2019) Twitter announced it had inadvertently collected and shared iOS location data with one of its partners. The social media platform said in a blog post users who have more than one Twitter account on iOS and opted to use the precise location feature in one account had all their location information collected, regardless of whether the feature was enabled for the other profiles. Twitter intended to remove location data from any real-time bidding but did not do so. The company said it implemented me... Read More

Data breach exposes information of 85% of Panama citizens

(May 14, 2019) ZDNet reports an unprotected Elasticsearch server has exposed the personal information and patient records of nearly 85% of Panama's 4.03 million citizens. Names, home addresses, phone numbers, email addresses, national identification numbers, birthdates and medical insurance numbers were exposed in the leak, which was a product of a server that lacked a password or firewall. Japanese retailer Fast Retailing was also a victim of a recent data breach involving more than 460,000 of its online cust... Read More