Filter news by category
A former insurance company employee who stole customer details and sold them to claims management companies has been jailed.
Karl Yates, 40, of no fixed abode, accessed customer data associated with non-fault road traffic claims from Royal Sun Alliance (RSA) systems while employed by them, when he was not authorised to do so.
A group of cyber criminals known for undertaking ransomware attacks on businesses has notified a US regulator about an alleged cybersecurity breach it was responsible for, alleging that the victim also failed to comply with data breach reporting requirements.
https://www.pinsentmasons.com/out-law/news/hackers-blow-regulatory-whistle-over-data-breach
A recent ruling by Belgium’s data protection authority has highlighted the importance of having data processing agreements in place to govern data processing arrangements from the point they take effect, an expert has said.
https://www.pinsentmasons.com/out-law/news/data-processing-agreements-cannot-be-retrospectively-applied-under-the-gdpr
The FCA has fined Equifax Ltd (Equifax) £11,164,400 for failing to manage and monitor the security of UK consumer data it had outsourced to its parent company based in the US. The breach allowed hackers to access the personal data of millions of people and exposed UK consumers to the risk of financial crime.
https://www.fca.org.uk/news/press-releases/equifax-ltd-fine-cyber-security-breach
Businesses found to have breached UK data protection laws when falling victim to cyber attacks could receive lower fines in respect of those infringements if they engage appropriately with the UK’s National Cyber Security Centre (NCSC), under a new agreement forged by the NCSC and the UK’s data protection authority.
https://www.pinsentmasons.com/out-law/news/uk-gdpr-fines-linked-ncsc-engagement
Businesses operating in the UK face enforcement action under data protection, consumer protection and competition law if their design of websites and apps leads to user risks or harm, two authorities have warned.
In a joint blog post, Stephen Almond, executive director for regulatory risk at the Information Commissioner’s Office (ICO) and Will Hayter, the Competition and Market Authority’s (CMA’s) senior director in its Digital Markets Unit, said they want to see “improvements” in digital design practices.
A new framework designed to promote business between the UK and US, by facilitating the free flow of personal data between the two countries, will begin to apply from 12 October.
The UK-US ‘data bridge’ is an extension to the EU-US Data Privacy Framework (DPF), which was adopted and took effect in July.
The European Commission has formally endorsed the EU-US Data Privacy Framework (DPF) in a move designed to support trans-Atlantic data flows.
https://www.pinsentmasons.com/en-gb/out-law/news/privacy-shield-2-eu-us-adopted
A woman whose data was stolen has described how criminals threatened to post naked photos of her online.
Louise, from south Wales, was one of the 500-plus current and former staff of cosmetics giant Shiseido whose data was stolen in a breach.
The UK Information Commissioner’s Office (ICO) has issued new guidance for employers on how to handle subject access requests (SARs).
https://www.pinsentmasons.com/out-law/news/ico-guidance-subject-access-requests
Search articles by keyword
Midlands Fraud Forum Ltd. Reg.No: 06436330 Copyright © 2023 Disclaimer & Privacy Policy