06/05/20 GDPR Community Round-Up

Here’s a round-up of interesting reading we found online today*;

• Computer Weekly report on GoDaddy owning up to October 2019 data breach. Cybercriminals breached the systems of web hosting services provider and domain registrar GoDaddy almost seven months ago, with thousands of hosting accounts accessed by an unauthorised individual.

• Reuters the Business software group behind SAP disclosed on Tuesday that some of its cloud products did not meet contractual or statutory security standards and said it would take remedial action to fix the problem as soon as possible. They’ve stated there was no data breach.

• Security InfoWatch posts about the new all-in-one guide used by global organizations as a primary reference for Information Security Best Practices. The Information Security Forum (ISF) releases a standard of good practice of 2020.

• JD Supra report on Dutch Data Protection Authority Issues Hefty Penalty for Employee Fingerprint Scans. the District Court of Amsterdam reprimanded a shoe store chain last summer for using fingerprint scans to access the tills, Dutch Department store chain HEMA decided to ban these scans at the end of 2019. It had intended to roll out the use of fingerprints for punch clocks and tills in all of its stores.

• Racounter put together a good post on Biometrics."Biometric technology could transform digital authentication, but misconceptions about privacy breaches, accuracy levels and security risks may hinder its widespread adoption…"

• Website BobsComputers reports, “The UK government need to create rules around biometric technologies to determine how they are used, said Hugh Milward, director of corporate, external and legal affairs at Microsoft UK, during a panel on developing governance for biometrics at a Westminster eForum policy conference today”.

• The official handle of Aarogya Setu, the contact-tracing app developed by the National Informatics Centre (NIC) under the Ministry of Electronics and Information Technology, asserted late on Tuesday that “no data or security breach had been identified” in the app. Aarogya Setu was alerted “by an ethical hacker of a potential security issue in the app”, which they discussed with him, but “no personal information of any user has been proven to be at risk”.

*These sites aren’t affiliated with GDPR Community and these aren’t an advertisement, they’re simply site’s we’ve thought the community might have an interest in reading.