Loading

72 Hour Countdown: Reporting Data Breaches Under The…

The first 72 hours after you discover a data breach are critical. Why? The EU GDPR requires all organisations to report certain types of personal data breach to the relevant supervisory authority.  More specifically, Article 33…

Will you suffer a data breach if you…

Someone recently asked us: “Will my organisation be breached if we implement ISO 27001?” At first we thought they meant ‘will implementing ISO 27001 make me susceptible to data breaches?’ to which the answer is…

Leicester City FC fans’ financial details stolen in…

A troubled season for Leicester City FC just got worse, with the club announcing that a cyber criminal has broken into the club’s online shop and stolen fans’ financial details. The breach occurred between 23…

WhatsApp urges users to update app after massive…

If you’ve recently had a missed call on WhatsApp from a number you didn’t recognise, cyber criminals might be spying on you. The Facebook-owned app has admitted that cyber criminals have exploited a major vulnerability…

Morrisons heads to the Supreme Court over data…

The Supreme Court has given Morrisons permission to appeal a ruling that found the supermarket liable for a data breach caused by a malicious insider. Morrisons has lost two cases related to its March 2014…

Two managers sacked, CEO fined following massive SingHealth…

Singapore’s IHiS (Integrated Health Information Systems) has sacked two managers and fined five senior staff, including CEO Bruce Liang, for their part in last year’s SingHealth data breach. The incident affected 1.5 million people –…

Loading

Do you have a data breach response plan?

This blog has been updated to reflect industry updates. Originally published 6 August 2018. The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This…

Your DPO questions answered in an interview with…

Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect earlier this year. For many, that has included the…