MyBroadband follows up on a story initially broken by ITWeb yesterday. They now report: The South African division of US-based consumer credit bureau TransUnion has suffered a ransomware attack. In a statement on Thursday, the company acknowledged that a third party had gained access to one of its servers through misuse of an authorised client’s credentials. “We…
Category: Business Sector
Hidden privacy lessons in the FTC’s CafePress security enforcement
Cobun Zweifel-Keegan writes: In its most recent cybersecurity enforcement decision, the U.S. Federal Trade Commission announced a draft settlement agreement with the current and former operators of the customized merchandise website CafePress.com. Although the unanimous consent order focuses primarily on the company’s lax security practices, which allegedly led to multiple data breaches, there are also a few…
Facebook fined $18.6M over string of 2018 breaches of EU’s GDPR
Natasha Lomas reports: Facebook’s parent company, Meta, has been fined €17 million (~$18.6 million) by the Irish Data Protection Commission (DPC) over a string of historical data breaches. The security lapses in question, which appear to have affected up to 30 million Facebook users, date back several years — and had been disclosed by Facebook…
FTC Takes Action Against CafePress for Data Breach Cover Up and Poor Security
The FTC has taken enforcement action against CafePress stemming, in part from a 2019 data breach previously reported on this site. In December, 2020, seven states settled charges with CafePress. The Federal Trade Commission today took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and…
Ireland’s privacy watchdog sued for inaction over ‘massive Google data breach’
Natasha Lomas reports: Ireland’s evasive response to a major security complaint filed against Google’s adtech the year the European Union’s General Data Protection Regulation (GDPR) came into application is the target of a new lawsuit — which accuses the Data Protection Commission (DPC) of years of inaction over what the complainants assert is “the largest…
The Human Factor in Data Security Breaches
Breaches involving the pharma sector may or may not involve patient data, but as we saw early on the pandemic, hitting the pharma sector when it is working on developing vaccines, testing vaccines, or distributing vaccines can have significant national and global health implications. Julian Upton reports: The pandemic’s exacerbation of the pharmaceutical industry’s exposure…