NEWS & UPDATES

A key question right now is whether there is a Ticketmaster GDPR fine on the horizon. With the Ticketmaster data breach being the big data news recently, what punishments are they set to face?

We’ve already taken cases on for victims of the Ticketmaster data breach, and although any fine or penalty issued by the UK’s data watchdog, the Information Commissioner’s Office (ICO), is independent of the legal action we’re taking, we’re closely monitoring the ICO developments.

Given the dates that the data was exposed, they could be set for a GDPR fine, and we think this would be justified.

Read More

The Ticketmaster data breach may well be this year’s big data breach incident. This week, Ticketmaster reached out to customers and admitted a huge data breach potentially affecting thousands of people.

It’s understood that the Ticketmaster data breach stems from a third-party security breach at a supplier. They say that malicious software was found on a “customer support product” hosted by a company named Inbenta Technologies.

People who used the service between February 2018 and June 2018 may be affected, and the nature of the data compromised in this breach is serious.

Read More

Unless you’ve not been paying attention to recent news, there has been a huge Dixons Carphone data breach.

The data breach is thought to have affected almost six million people’s data: that’s the data for some 5.9 million payment (debit and credit) cards being exposed, as well as 1.2 million personal data records being exposed as well.

Of the millions of credit and debit card details exposed, more than 100,000 apparently did not have chip-and-pin protection, leaving them in a potentially more vulnerable position of fraud.

Read More

Should the ICO have greater powers? This is one of the many questions being asked as we continue to swim through the wreck of the Facebook / Cambridge Analytica data scandal.

It’s understood that the UK’s Information Commissioner’s Office (ICO for short) were in the midst of complex investigations surrounding the use of data in political campaigns when the scandal broke. The ICO are asking for greater powers to allow them to keep up with the pace of developments in such matters, and with the GDPR that came into force last month that empowers regulators to be able to better audit any organisations using data – which, let’s face it, is all of us really – should the ICO have greater powers still?

Read More

A former Recruitment Consultant has been fined and criminally charged after he illegally obtained data from a job he left.

According to the ICO’s publication report, Daniel Short left a recruitment firm he had been working for, VetPro Recruitment, toward the end of last year and then established his own company named VetSelect.

With his former employee having concerns about the obvious similarities of the companies, and the fact that they hold the data for more than 16,000 vets and nurses for recruitment purposes, they investigated whether Mr Short had taken any data before he left.

Read More

The UK’s data watchdog, the Information Commissioner’s Office (ICO), has reportedly only collected half of data breach fines since 2010.

One of the major problems the ICO is apparently facing is the organisations who are responsible for the data breaches going into liquidation and avoiding large fines, which the ICO has little power to stop. Despite the ICO asking the government for the power to enforce fines against company directors, something the government reportedly said they would look at in 2016, they remain unable to pass fines on to bosses, leaving a large loophole in the data breach justice system.

Read More

The study’s findings claim that millions of children are victims of identity fraud that can lead to families being millions of pounds out of pocket. The study also indicated that children can be far more likely to have their information compromised, and researchers saying that children are targeted more because they offer a “blank slate” when it comes to their identities and financial histories.

Read More

The ICO has issued “record fines” over an illegal trade of personal data that involved “rogue private investigators” illegally obtaining financial information for an individual who’d claimed on an insurance policy for a fire at a business premises they owned.

A director and a senior member of staff, together with the private investigators, have been hit with record fines for unlawfully obtaining and disclosing personal data. The investigation reportedly started in 2013 when the Serious Organised Crime Agency passed over a list of ‘blue chip’ clients of criminal private investigators to the ICO.

Read More

The WhatsApp agreement to stop sharing data with Facebook was hailed as a success for data protection rights when the UK Information Commissioner’s Office (ICO) investigated issues over consent for the sharing of data between the two platforms.

WhatsApp signed an undertaking (a formal agreement / promise) to confirm they would stop sharing data with Facebook until they could do so in compliance with this month’s GDPR changes.

Facebook acquired WhatsApp in 2014, but a move like that does not automatically allow for consent to share data.
Read More

Data breaches are soaring, and only better cybersecurity and improved data protection training and protocols is going to stop the crisis worsening.

Almost every day we are seeing yet another breach somewhere around the world. With cyber-criminals getting smarter, and with many investing their ill-gotten gains back into their “business” to create more powerful tools, something needs to be done.

The new GDPR rules coming into force next month may be the catalyst needed for organisations to take cybersecurity more seriously.
Read More

It isn’t just data from hacks and breaches that can give a criminal enough information to scam you; it can also be the wealth of data on social media platforms like Facebook that they use as well.

Sometimes, for a person to become a victim of fraud or identity theft, it can come down to a case of a cyber-criminal being able to obtain enough information about a person from various sources. One source could be from a hack or breach – which could from large-scale breaches such as telecommunications providers or dating websites. This can then be combined with another data source which we willingly put out there on the internet for all to see… On social media sites for example.
Read More

Greater restrictions are set to be in place for the international transfer of data when the new GDPR comes into force next month. Current legislation already imposes restrictions and caveats on data transferred outside the EU, but the new changes are set to ensure that the additional protection GDPR allows for is not undermined outside of Europe.

In an increasingly globalised society, it’s easy for data to be fired around the world in a matter of seconds, but data moved outside of the UK cannot be allowed to be more vulnerable.
Read More