Privacy regulators in Germany have slammed clothing retailer H&M with a $41 million fine for collecting and retaining private employee data in violation of the EU's General Data Protection Regulation. H&M has apologized, instituted changes and promised to financially compensate employees.
A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials. The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security.
What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less reason to trust in their public health system to handle the crisis. Enter a data breach that has exposed personal information for everyone who's ever tested positive for the disease in Wales.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
Marriott faces another lawsuit, filed in Britain, over the breach of its Starwood guest reservation system. The breach ran from 2014 to 2018 - Marriott acquired Starwood in 2016 - and exposed personal information for an estimated 7 million customers in the U.K.
Scammers have reportedly been putting one over on customers of the famous Ritz London, which says it is "aware of a potential data breach within our food and beverage reservation system, which may have compromised some of our clients' personal data." No payment card data was exposed, it says.
The U.K.'s privacy watchdog is probing banking giant Barclays over its use of employee monitoring tools after the bank in February reportedly shifted from anonymized tracking to giving managers the ability to view data for individual employees.
Download this report to learn how to manage unique security challenges posed by mission-critical operational environments containing IP-enabled devices and complex, interconnected networks and use unified visibility and systems to stay ahead of risks.
Will the COVID-19 pandemic lead to a spike in the number of reported data breaches? Not necessarily, says cybersecurity expert Brian Honan. But he says that the rush to adopt cloud-based services and expanded remote services might change the types of breaches being reported.
"Where do I start?" It's the most common question posed by data protection professionals tasked with leading a new data privacy management effort. Whether it's developing a data inventory, drafting a breach notification plan, or selecting controls to implement, a good place to start is with the NIST Privacy...
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.
With so many employees working from home during the COVID-19 pandemic, vendors of time-tracking and productivity-monitoring software report surging interest in their wares. Regardless of whether organizations deploy light-touch or more Big Brother types of approaches, beware potential privacy repercussions.
In this session, Cordery law firm partner Jonathan Armstrong will review some of the legal and compliance issues for European enterprises in the post-pandemic era, including:
The unique risks associated with returning to the office
Increased security and litigation risks related to device and...