Commentaries and Analyses – Page 504

The GDPR: When do schools need to report data breaches?

Posted on November 19, 2018 by Dissent

Luke Irwin reports: …. A major concern is the GDPR’s requirement that organisations report certain types of data breach to their supervisory authority within 72 hours of becoming aware of the incident. It’s one of the toughest rules to meet, but this blog provides you with all the details you need. Read more on IT Governance…

Prepping a Mock Notification Letter Before a Cybersecurity Breach Hits

Posted on November 16, 2018 by Dissent

Stephen Moore writes: No one in the security industry should be surprised to know that the financial and reputational impact of a breach is severe. According to a recent Harris Poll, studies show that 75 percent of consumers won’t do business with a company if they don’t trust it to protect their data. If the…

Massive Data Leaks Keep Happening Because Big Companies Can Afford to Lose Your Data

Posted on November 15, 2018 by Dissent

Erik Sherman reports: If you live in the United States, there’s almost a 50 percent chance your personal data was lost in the giant Equifax data breach a year ago of 143 million records. Google had its own data breach in October this year that exposed data on as many as 500,000 accounts. Or the…

Hackers find a way to access deleted photos on iPhones running iOS 12

Posted on November 15, 2018 by Dissent

Gadgets Now reports: At the Mobile Pwn2Own event, being held in Tokyo, Japan, a couple of hackers successfully made use of an iOS 12.1 bug to access photos from an iPhone that have been deleted. As reported by Forbes, the hackers named Richard Zhu and Amat Cama teamed up as to use the loophole and…

One in five Magecart-infected stores get reinfected within days

Posted on November 15, 2018 by Dissent

Catalin Cimpanu reports: Online stores that have been infected with the Magecart malware –known to record and steal credit card details from checkout forms– often get reinfected after clean-up operations, a recent report has revealed. “In the last quarter, 1 out of 5 breached stores were infected (and cleaned) multiple times, some even up to…

WordPress GDPR plugin inadvertently exposed sites to hackers

Posted on November 13, 2018 by Dissent

Keumars Afifi-Sabet reports: Attackers have been exploiting a flaw in a WordPress GDPR-compliance plugin to hijack vulnerable websites and implement remote code execution. The flaw had been present in Wordfence’s GDPR Compliance plugin for at least four months and, ironically, allowed hackers to gain access to a site using the tool. Hackers could then execute any…