Article and Personal data - Information Management Today

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Security Affairs

DECEMBER 18, 2024

These own-volition inquiries were launched by the DPC following a personal data breach, which was reported by MPIL in September 2018.” “This data breach impacted approximately 29 million Facebook accounts globally, of which approximately 3 million were based in the EU/EEA.

Data breaches

Data breaches GDPR Personal data Access

New Zealand property management company leaks 30,000 users’ passports, driver’s licenses and other personal data

Security Affairs

JULY 15, 2020

CyberNews reported the discovery of an unsecured Amazon S3 bucket containing users’ passports, driver’s licenses and other personal data. This article puts the value of one passport scan at around $14 on the dark web , while another article puts a driver’s license value at about $20. What’s the impact? Pierluigi Paganini.

Personal data

Personal data Phishing Access Risk

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

The Last Watchdog

NOVEMBER 4, 2021

Europe’s General Data Protection Regulations (GDPR) changed the game. Legacy filing systems were not built to keep track of the personal data of specific individuals primarily to be in compliance with the many data protection regulations popping up around the world.

Personal data

Personal data Privacy Data Privacy Unstructured data

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Personal data of thousands of users from the UK, Australia, South Africa, the US, Singapore exposed in bitcoin scam

Security Affairs

JUNE 30, 2020

Further analysis of the URLs revealed that a short link takes a victim to another URL which already demonstrates their personal data, such as the phone number, first or/and last name, and sometimes an email address, and used for redirects to fake websites masquerading as a local media outlet. Pierluigi Paganini.

Personal data

Personal data Blockchain Data breaches Phishing

Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement

Security Affairs

OCTOBER 25, 2024

Irish Data Protection Commission fined LinkedIn €310M after finding its use of behavioral data for targeted ads violated privacy laws, requiring compliance changes. The DPC’s inquiry was launched following an initial complaint to the French Data Protection Authority. ” reads the DPC’s announcement.

GDPR

GDPR Personal data Compliance Privacy

Indonesia Ratifies Country’s First Comprehensive Legal Framework for Personal Data Protection

Hunton Privacy

NOVEMBER 8, 2022

SHIFT Counsellors at Law reports from Indonesia that The People’s Representative Council of the Republic of Indonesia has ratified Indonesia’s draft law on personal data protection. The law, which is partly modeled on the EU General Data Protection Regulation, is Indonesia’s first “umbrella regulation” on personal data protection.

Personal data

Personal data GDPR Compliance Information Security

META hit with privacy complaints by EU consumer groups

Security Affairs

MARCH 4, 2024

Consumer groups assert that Meta is not adhering to various rules established by the European privacy regulation GDPR: Fair Processing (Article 5(1)(a)): Personal data must be processed lawfully, fairly, and transparently. Consumer groups claim that Meta’s data collection is unfair and lacks transparency.

Privacy

Privacy GDPR Personal data Data collection

Article 28 Standard Contractual Clauses

DLA Piper Privacy Matters

JUNE 10, 2021

However, it shouldn’t be overlooked that another set of standard clauses has been issued by the EU, namely the Article 28 Standard Clauses. As a reminder, when personal data is being processed in the UK or EU, a set of mandatory terms must be included in the contract between the controller and the processor.

Personal data

Personal data GDPR Compliance Data breaches

Russian hacker Pavel Sitnikov arrested for distributing malware via Telegram

Security Affairs

JUNE 1, 2021

The authorities charged him under Article 273, Part 2 of Russian criminal law, he was interdicted from using any electronic devices until his trial and cannot leave the town. Russian police raided Pavel Sitnikov’s home in the Pskov region on May 20. ” reads the post published by The Record. .”

Personal data

Personal data Sales Communications Security

UK: New guidance on processing personal data for scientific research purposes

DLA Piper Privacy Matters

MARCH 1, 2022

Meanwhile, a sometimes popular (mis)conception is that data protection laws – and particularly the GDPR – are a barrier to the effective use of personal data for research. This article explores the key points of the new guidance. data subject rights, including transparency. Re-use of personal data for research.

Personal data

Personal data GDPR Data collection Archiving

New Horizons in Data Protection: Malaysia’s Personal Data Protection (Amendment) Act 2024

Data Protection Report

JANUARY 17, 2025

On 24 December 2024, Malaysias Minister of Digital stipulated the dates on which the provisions of the Malaysian Personal Data Protection (Amendment) Act 2024 ( Amendment Act ) will come into force. The Amendment Act will take effect in three tranches, which we summarise and discuss below with thanks to Malaysian law firm Skrine.

Personal data

Personal data Data breaches Compliance Paper

Is it still necessary for data protection laws to have particular processing rules for specific types pf personal data?

Data Protector

OCTOBER 16, 2020

I am not aware of calls from citizens of those countries to amend local laws to develop special rules for particular categories of personal data. Some countries have extended their lists of special category data beyond those set out in European law. Indonesia, Hong Kong and Singapore are examples of such countries.

Personal data

Personal data GDPR IT Privacy

Uniform Personal Data Protection Act Offers an Alternative Approach to Consumer Data Protection

Data Matters

MARCH 24, 2022

* This article first appeared in Legaltech News on March 22, 2024, available here. With federal consumer privacy bills gaining little traction, the Uniform Law Commission proposes the Uniform Personal Data Protection Act (UPDPA) as an alternative to the existing quilt of state consumer privacy laws.

Personal data

Personal data Privacy Data Privacy

Seiko watches 60K personal data records tick away in BlackCat ransomware heist via TheRegister

IG Guru

NOVEMBER 3, 2023

Check out the article here. The post Seiko watches 60K personal data records tick away in BlackCat ransomware heist via TheRegister first appeared on IG GURU.

Personal data

Personal data Ransomware Information governance Risk

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

DLA Piper Privacy Matters

FEBRUARY 17, 2021

Securities and Exchange Commission (“ SEC ”) confirming that SEC-regulated UK domiciled firms (“ UK Regulated Firms ”) can share personal data with the SEC when seeking to comply with regulatory obligations, in compliance with the UK GDPR. As the GDPR places restrictions on the transfer of personal data to the U.S.,

Personal data

Personal data GDPR Security Compliance

Europe: EDPB issues guidelines on interplay between Article 3 and Chapter V of GDPR

DLA Piper Privacy Matters

NOVEMBER 24, 2021

On 19 November, the European Data Protection Board (‘ EDPB ‘) published, its draft Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (“ Guidelines ”). This controller or processor (i.e.

GDPR

GDPR Personal data Access Risk

Hackers Are Selling Hacked Police Emails to Try to Grab Personal Data From TikTok, Facebook via 404

IG Guru

SEPTEMBER 8, 2023

Check out the article here. The post Hackers Are Selling Hacked Police Emails to Try to Grab Personal Data From TikTok, Facebook via 404 first appeared on IG GURU.

Personal data

Personal data Risk Information Security Privacy

Security Affairs newsletter Round 242

Security Affairs

DECEMBER 1, 2019

Every week the best security articles from Security Affairs free for you in your email box. Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts. A new round of the weekly SecurityAffairs newsletter arrived! Iran – Government blocks Internet access in response to the protests.

Security

Security Ransomware Communications Personal data

Evil Telegram campaign: Trojanized Telegram apps found on Google Play

Security Affairs

SEPTEMBER 10, 2023

Unlike those, the apps described in this article come from a class of full-fledged spyware targeted at users from a specific locale (China) and capable of stealing the victim’s entire correspondence, personal data, and contacts. Often, they replace crypto wallet addresses in users’ messages or perform ad fraud.

File names

File names Personal data Encryption Security

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The most important thing is that, from now on, subscribers’ personal data is not compromised. The SSU announced that it has opened criminal proceedings on the cyber attack under eight articles of the Criminal Code of Ukraine. The service provider added that the personal data of its subscribers were not compromised.

Communications

Communications Personal data Access IT

Investigator told Saudis hacked into Amazon CEO Jeff Bezos’ phone

Security Affairs

APRIL 1, 2019

The phone of the Amazon chief was hacked by Saudi Arabian authorities interested in access to his personal data, revealed the investigator hired by Jeff Bezos. In an article for The Daily Beast website, De Becker wrote that the parent company of the National Enquirer, American Media Inc.,

Personal data

Personal data Access Security IT

GDPR Article 17: What Is the Right to Erasure?

IT Governance

MARCH 30, 2023

Article 17 of the GDPR (General Data Protection Regulation) plays a distinctive yet essential role in data protection law. It enshrines “the right to erasure” (sometimes referred to as “the right to be forgotten”), which allows people to request that an organisation deletes any personal data related to them.

GDPR

GDPR Personal data Compliance Government

How Automation can help you in Managing Data Privacy

Security Affairs

OCTOBER 20, 2020

This is where data privacy comes into play and organizations are looking for data privacy management softwares that can fulfill their data privacy needs, while complying with data regulations in order to avoid fines. Tracking Personal Data.

Data Privacy

Data Privacy Privacy GDPR Compliance

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

Security Affairs

JANUARY 17, 2025

Given that China is an authoritarian surveillance state, it is crystal clear that China doesnt offer the same level of data protection as the EU. Transferring Europeans personal data is clearly unlawful and must be terminated immediately. said Kleanthi Sardeli, data protection lawyer atnoyb.

Privacy

Privacy GDPR Compliance Personal data

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

Security Affairs

APRIL 28, 2023

In early April, the Italian Data Protection Authority, c, temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors. The Authority pointed out that OpenAI does not alert users that it is collecting their data.

Personal data

Personal data Privacy Access Education

UK Electoral Commission discloses a data breach

Security Affairs

AUGUST 8, 2023

The security breach began two years ago, likely in August 2021, and was discovered in October 2022 “The Electoral Commission has a duty under Articles 33 and 34 of the UK General Data Protection Regulation to notify data subjects if their data has been breached by inappropriate access, loss, or theft from our systems.”

Data breaches

Data breaches Personal data Access Risk

EU hits Meta with $1.3 billion fine for transferring European user data to the US

Security Affairs

MAY 22, 2023

Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

GDPR

GDPR Personal data Privacy Data Privacy

Security Affairs newsletter Round 324

Security Affairs

JULY 25, 2021

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the international press subscribe here.

Security

Security Ransomware Data breaches Personal data

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs

DECEMBER 21, 2023

The Cybernews research team has discovered that their personal data was exposed in a leak. However, the exposed individuals must take some precautions, as their data was briefly in the wild,” Cybernews researchers write. Its metadata was then indexed by search engines and discovered by Cybernews researchers on October 17th.

Passwords

Passwords Phishing Metadata Personal data

Security Affairs newsletter Round 271

Security Affairs

JULY 5, 2020

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Asian media firm E27 hacked, attackers asked for a donation Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks Magento 1.x

Security

Security Ransomware Military Personal data

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

APRIL 28, 2023

The Ukrainian cyber police arrested a Ukraine man for selling the data of over 300 million people from different countries. The Ukrainian cyber police have arrested a man (36) from the city of Netishyn for selling the personal data and sensitive information of over 300 million people from different countries.

Sales

Sales Personal data Education Access

GDPR Article 28 Contracts: What You Need to Know

IT Governance

JULY 9, 2024

He’s also an enthusiastic data privacy and cyber security trainer. We’ve previously interviewed Andy on the UK–US ‘data bridge’ (Data Privacy Framework), a landmark ECJ (European Court of Justice) ruling on the EU GDPR and Article 30 ROPAs (records of processing activities). Find this interview useful?

GDPR

GDPR Compliance Data Privacy Privacy

Privacy notices – the ICO follows the lead of the EU data protection authorities in their interpretation of Article 13 UK GDPR

Data Protection Report

JUNE 6, 2023

This MPN and its accompanying annexes set out details of TikTok’s non-compliance with data protection law and the reasons why the ICO considered that a fine was appropriate. The ICO’s views on Article 13 The ICO’s detailed position on the Article 13 provisions is set out in Annex 3 of the MPN. Where a generic email address (e.g.

Privacy

Privacy GDPR Personal data Compliance

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Hunton Privacy

JANUARY 5, 2024

Background The case related to the processing of an incapacitated employee’s personal data, including health data, by the medical service provider (“MDK”) of a health insurance fund in Germany. The CJEU also held that the rules and limitations on the processing of sensitive personal data under Article 9.2(h)

GDPR

GDPR Personal data Insurance IT

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived!

Security

Security Military Ransomware Data breaches

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence that personal customer information was accessed or misused, as a precautionary measure the company is notifying all current and former users and customers. Review your accounts for suspicious activity.

Passwords

Passwords Security Retail Personal data

Security Affairs newsletter Round 329

Security Affairs

AUGUST 29, 2021

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly Security Affairs newsletter arrived! If you want to also receive for free the international press subscribe here.

Security

Security Ransomware Data breaches Personal data

ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

DLA Piper Privacy Matters

JUNE 27, 2022

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling. In Order No. The disputed facts. Code § 1881(b)(4), which subjects the company to the surveillance of U.S.

Personal data

Personal data Analytics GDPR Privacy

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

How Companies Need to Treat User Data and Manage Their Partners

Security Affairs

MAY 12, 2021

Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers. Article 28 of the GDPR requires businesses to only partner with vendors to manage data with a written contract. Key Takeaways.

GDPR

GDPR Privacy Personal data Data breaches

Irish data protection commission fines Meta over 2021 data-scraping leak

Security Affairs

NOVEMBER 28, 2022

. “The Data Protection Commission (DPC) has today announced the conclusion to an inquiry into Meta Platforms Ireland Limited (MPIL), data controller of the “Facebook” social media network, imposing a fine of €265 million and a range of corrective measures.” ” reads the DPC’s press release.

GDPR

GDPR Personal data Compliance Privacy

LinkedIn confirmed that it was not a victim of a data breach

Security Affairs

APRIL 12, 2021

.” Sadly, the same news outlets caused undue damage to a second company days later when they also published strongly-worded articles claiming that audio conversations app Clubhouse also got hacked. During the weekend, researchers from Cyber News have discovered that the personal data of 1.3

Data breaches

Data breaches IT Sales Phishing

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Data breaches Military Ransomware

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

Data Protection Report

JULY 28, 2021

Germany’s highest civil court, the Federal Court Of Justice ( Bundesgerichtshof , the FCJ ), has just published a decision specifying the scope of data subject access requests (DSARs). The FCJ held that Article 15 of the EU General Data Protection Regulation (GDPR) has a broader scope than previously understood in Germany.

Access

Access GDPR Personal data Insurance

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

New Zealand property management company leaks 30,000 users’ passports, driver’s licenses and other personal data

Webinars

Trending Sources

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

Webinars

Personal data of thousands of users from the UK, Australia, South Africa, the US, Singapore exposed in bitcoin scam

Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement

Indonesia Ratifies Country’s First Comprehensive Legal Framework for Personal Data Protection

META hit with privacy complaints by EU consumer groups

Article 28 Standard Contractual Clauses

Russian hacker Pavel Sitnikov arrested for distributing malware via Telegram

UK: New guidance on processing personal data for scientific research purposes

New Horizons in Data Protection: Malaysia’s Personal Data Protection (Amendment) Act 2024

Is it still necessary for data protection laws to have particular processing rules for specific types pf personal data?

Uniform Personal Data Protection Act Offers an Alternative Approach to Consumer Data Protection

Seiko watches 60K personal data records tick away in BlackCat ransomware heist via TheRegister

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

Europe: EDPB issues guidelines on interplay between Article 3 and Chapter V of GDPR

Hackers Are Selling Hacked Police Emails to Try to Grab Personal Data From TikTok, Facebook via 404

Security Affairs newsletter Round 242

Evil Telegram campaign: Trojanized Telegram apps found on Google Play

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Investigator told Saudis hacked into Amazon CEO Jeff Bezos’ phone

GDPR Article 17: What Is the Right to Erasure?

How Automation can help you in Managing Data Privacy

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

UK Electoral Commission discloses a data breach

EU hits Meta with $1.3 billion fine for transferring European user data to the US

Security Affairs newsletter Round 324

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs newsletter Round 271

Ukraine cyber police arrested a man for selling data of 300M people

GDPR Article 28 Contracts: What You Need to Know

Privacy notices – the ICO follows the lead of the EU data protection authorities in their interpretation of Article 13 UK GDPR

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Security Affairs newsletter Round 269

Bodybuilding.com forces password reset after a security breach

Security Affairs newsletter Round 329

ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

How Companies Need to Treat User Data and Manage Their Partners

Irish data protection commission fines Meta over 2021 data-scraping leak

LinkedIn confirmed that it was not a victim of a data breach

Security Affairs newsletter Round 404 by Pierluigi Paganini

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

Stay Connected