Luke Irwin Archive
Last month, Life at Parliament View was fined £80,000 by the ICO (Information Commissioner’s Office) after security errors exposed 18,610 customers’ personal data for almost two years. The incident occurred when the London-based estate agency transferred personal data from its …
The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Some mistakenly thought that it would only affect large organisations, others doubted that the much-discussed …
As we approach 31 October and the revised Brexit deadline day, you’ll see more and more stories pop up about previously under-reported ways that the UK’s departure from the EU will affect organisations. The latest concerns are about how UK …
Anti-malware technology is one of the most basic cyber security mechanisms that organisations should have in place, but according to IT Governance’s 2019 Cyber Resilience Report, 27% of respondents haven’t implemented such measures. This finding is even more surprising given …
The past three years of Brexit negotiations have largely proved William Goldman’s adage that “nobody knows anything”. No one can tell you what Brexit will entail and very little has been finalised. Sure, there has been a flurry of recent …
A security researcher has identified major flaws in many organisations’ DSAR (data subject access request) procedures. James Pavur contacted dozens of UK and US-based companies to request personal information about his fiancée in order to see how they would respond. …
The first 72 hours after you discover a data breach are critical. Why? The EU GDPR requires all organisations to report certain types of personal data breach to the relevant supervisory authority. More specifically, Article 33 dictates that, in the event …
The digital bank Monzo has told 480,000 customers to change their PINs after it discovered an error that allowed unauthorised staff to view sensitive information. Monzo said that it normally stored PINs in a “particularly secure” part of its systems …
Organisations that accept online payments must urgently address the threat of web-based skimming, the PCI SSC (Payment Card Industry Security Standards Council) has warned. The alert, issued in partnership with the Retail & Hospitality ISAC (information sharing and analysis centre …
Does the idea of being paid to hack into organisations’ systems sound appealing? Why wouldn’t it? The pay is good, it’s creative and you get to test your skills every day. But we’re not advocating that you break the law. …
