News

Privacy and data protection

• August 21, 2020 21 Aug'20

  TikTok’s GDPR compliance probed amid accusations of data misuse

  Dutch privacy organisation SOMI claims TikTok falls short in protecting young users, and that it is likely violating GDPR

• August 21, 2020 21 Aug'20

  MPs accuse ICO of failing to do its job on contact-tracing data

  Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme

• August 21, 2020 21 Aug'20

  Australian regulator sues RI Advice for cyber security lapses

  The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives

• August 20, 2020 20 Aug'20

  UKAS rejects ISO certification concerns

  UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications

• August 20, 2020 20 Aug'20

  Social media data leak highlights murky world of data scraping

  A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it

• August 19, 2020 19 Aug'20

  HMRC investigates over 10,000 Covid-19 phishing reports

  HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June

• August 19, 2020 19 Aug'20

  Coronavirus: Thousands of ISO certifications set to lapse

  Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing

• August 19, 2020 19 Aug'20

  Marriott slapped with class action lawsuit over 2018 breach

  Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period

• August 18, 2020 18 Aug'20

  Carnival cruise lines hit by ransomware, customer data stolen

  Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack

• August 18, 2020 18 Aug'20

  Reports Oracle to enter TikTok bidding war

  Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT

• August 17, 2020 17 Aug'20

  Comms startup Element helps support secure communications during pandemic

  With the huge increase in remote working, Element is using an open, decentralised network to give organisations more control over their communications

• August 14, 2020 14 Aug'20

  ICO acknowledges GDPR concerns over A-level results scandal

  Information Commissioner’s Office says it has engaged with exams regulator Ofqual after its use of an algorithm to calculate A-level grades backfired

• August 14, 2020 14 Aug'20

  US decision to file new charges against Julian Assange ‘astonishing and potentially abusive’

  Lawyer for WikiLeaks founder slams US decision to serve a second indictment at the 11th hour alleging that Assange conspired with hackers, as a potential abuse of process

• August 14, 2020 14 Aug'20

  Oracle and Salesforce sued over online ad tracking

  Class action lawsuits filed in Amsterdam and London will accuse Oracle and Salesforce of breaching GDPR in their processing and sharing of personal data to sell online advertising

• August 13, 2020 13 Aug'20

  Ed Sheeran is not promoting investment opportunities, says NCSC

  The National Cyber Security Centre has issued a new warning after uncovering a series of online scams promoting fraudulent celebrity-endorsed investment opportunities

• August 13, 2020 13 Aug'20

  APAC consumers do not feel responsible for data security

  Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on

• August 12, 2020 12 Aug'20

  EU and US start discussions on ‘enhanced’ Privacy Shield data-sharing agreement

  Talks begin on a successor to the Privacy Shield EU-US data-sharing agreement declared unlawful in July 2020 – a decision by the European Court of Justice that left thousands of businesses facing legal uncertainty

• August 12, 2020 12 Aug'20

  How Dharma ransomware became an effective services business

  New research looks under the bonnet of a Dharma ransomware attack, with the ransomware's ease of use being particularly dangerous for small to medium-sized enterprises

• August 12, 2020 12 Aug'20

  Security training body Sans Institute hit by data breach

  Around 28,000 items of personally identifiable data were lost in a phishing attack on Sans, proving that even the professionals can be caught out

• August 12, 2020 12 Aug'20

  Police use of facial recognition found ‘unlawful’ in court

  In a landmark decision, the Court of Appeal has ruled that South Wales Police’s facial recognition deployments breached human rights and data protection laws

• August 11, 2020 11 Aug'20

  NHS hit by thousands of malicious emails at height of pandemic

  The NHS received nearly 30,000 malicious emails at the height of the Covid-19 pandemic in March and April

• August 11, 2020 11 Aug'20

  Coronavirus: Phishing lures pivot to exploit vaccine hopes

  Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19

• August 11, 2020 11 Aug'20

  French data protection authorities to probe TikTok as suitors circle

  France’s CNIL has confirmed a new investigation into TikTok’s data protection practices

• August 11, 2020 11 Aug'20

  Hospitality sector is failing on contact-tracing obligations

  Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices

• August 10, 2020 10 Aug'20

  Retailer Monsoon allegedly exposing data via Pulse Connect server

  A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures

• August 07, 2020 07 Aug'20

  Virgin Media customers targeted in Twitter phish

  Customers seeking help from the ISP are being targeted by a scam Twitter account

• August 07, 2020 07 Aug'20

  Data Standards Authority publishes guidance on government data sharing

  The Data Standards Authority (DSA) wants government departments to use new open data standards when sharing data, with the aim of improving public services

• August 07, 2020 07 Aug'20

  TikTok to be banned in US in 45 days

  Trump says his Executive Orders against Chinese mobile apps are in the interests of dealing with a national emergency

• August 06, 2020 06 Aug'20

  Australia updates cyber security strategy but offers little new

  The nation’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas

• August 06, 2020 06 Aug'20

  Qualcomm chip vulnerability puts millions of phones at risk

  Qualcomm has patched multiple vulnerabilities in its chip hardware that left hundreds of millions of smartphones open to compromise by malicious actors

• August 06, 2020 06 Aug'20

  Canon said to be latest Maze ransomware victim

  Canon may have had up to 10TB of its data exfiltrated by the Maze ransomware gang

• August 06, 2020 06 Aug'20

  GCHQ seeks researchers to tackle deep fakes and misinformation

  A GCHQ research fellowship based at its Manchester office will explore various national security priorities such as deep fakes, fake news and the impact of AI

• August 05, 2020 05 Aug'20

  Netherlands investigates innovative privacy technology SSI

  Dutch research organisation is looking into areas where self-sovereign identity technology could be used in society and business

• August 05, 2020 05 Aug'20

  Second wave of Covid-19 cyber attacks locked in

  More cyber attacks exploiting the pandemic seem likely, says Interpol

• August 04, 2020 04 Aug'20

  Five signs you’re about to get hit with ransomware

  A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens

• August 04, 2020 04 Aug'20

  Liam Fox hack raises questions over government security

  The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government

• August 04, 2020 04 Aug'20

  New foundation to bolster security of open source software

  The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software

• August 03, 2020 03 Aug'20

  Estonian police and border services need better IT to block criminals from becoming e-residents

  Police and Border Guard Board of Estonia needs to improve its IT systems to stop criminals from becoming e-residents, says report

• August 03, 2020 03 Aug'20

  Microsoft offers way out of TikTok impasse

  Microsoft offers to buy TikTok from its Chinese parent to ease security fears in the US

• August 02, 2020 02 Aug'20

  More data breaches from ransomware attacks in Australia

  The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner

• July 31, 2020 31 Jul'20

  ICO launches guidance on AI and data protection

  The Information Commissioner’s Office (ICO) has published guidance aimed at rendering the application of machine learning to data compliant with data protection principles

• July 31, 2020 31 Jul'20

  Labour Party is latest victim of Blackbaud ransomware attack

  Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour

• July 31, 2020 31 Jul'20

  US lawmakers grill big tech chiefs over market power

  Sixth antitrust hearing sees CEOs of major technology companies face combative questioning from members of Congress over their market power and dominance

• July 31, 2020 31 Jul'20

  Twitter confirms it was hit by targeted spearphishing attack

  Investigation into 15 July 2020 hack of a number of high-profile accounts by cryptocurrency scammers has found evidence of a targeted spearphishing incident

• July 31, 2020 31 Jul'20

  EU sanctions China and Russia over cyber attacks

  The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU

• July 30, 2020 30 Jul'20

  Former UC Global staff confirm Embassy surveillance operation against Julian Assange

  Spanish court investigates claims that security company illegally recorded meetings between Julian Assange, politicians, lawyers and celebrities at the Ecuadorian Embassy in London

• July 30, 2020 30 Jul'20

  List of Blackbaud breach victims tops 120

  More than 120 education and third-sector organisations may have had their data compromised through the breach of Blackbaud’s cloud platform

• July 29, 2020 29 Jul'20

  Serious BootHole vulnerability puts millions of systems at risk

  BootHole is a GRUB2 bootloader vulnerability and puts millions of PCs, servers and other devices at risk of compromise

• July 29, 2020 29 Jul'20

  Campaigners urge government to resist big tech lobbying pressure

  Lobbyists for big tech, supported by senior US politicians, have rallied against stricter regulation of technology companies, and threatened the US-UK trade deal unless Britain scraps plans to levy a digital services tax

• July 29, 2020 29 Jul'20

  Schrems steps up pressure on Irish data protection commissioner on Facebook’s data sharing with US

  Austrian lawyer is considering ‘other’ options if the Irish data protection commissioner does not make a decision by October on his seven-year-old complaint against Facebook