Alex Scroxton reports:
Employees and former employees of the UK business of Japanese cosmetics firm Shiseido who found their personal information had been exposed in a data breach are being asked to come forward to take part in a proposed group legal action against the company.
The breach took place in the spring of 2022 and was notified to the Information Commissioner’s Office (ICO) in mid-April. This was supposedly in line with reporting regulations, which require the ICO to be told of impactful breaches within 72 hours, but according to reports at the time, employees had alleged that Shiseido was aware of the incident a month earlier than that.
Read more at ComputerWeekly.