10/06/20 GDPR Community Round-Up

Here’s a round-up of interesting reading we found online today*;

• "Nintendo Admits Data Breach Was Nearly Twice as Bad as First Thought. Nearly twice as many accounts were affected by the recent Nintendo security breach as previously thought. In a post on its Japanese support site (via Eurogamer), Nintendo admitted that "there were approximately 140,000 additional [Nintendo Network IDs] that may have been accessed maliciously." Kotaku reports

• BBC reports "Babylon Health has acknowledged that its GP video appointment app has suffered a data breach. The firm was alerted to the problem after one of its users discovered he had been given access to dozens of video recordings of other patients' consultations".

• Keepnet Labs confirms contractor exposed ‘data breach database’ of 5 billion records. A UK-based cybersecurity firm that threatened legal action against a security blogger has confirmed that a contractor temporarily exposed a database containing five billion email addresses and passwords collated from previous data breaches. Belgian DPA Publishes Guidance on Temperature Checks for COVID-19 Monitoring reported by Verdict

• French Supervisory Authority Provides Guidance on Personal Data Processing by Employers Amidst Post-Lockdown Return to Work

• A new report from PWC finds US Companies ramping up GDPR budgets. PwC recently conducted a pulse survey of 200 CIOs, CISOs, General Counsels, CCOs, CPOs and CMOs from US companies with more than 500 employees. The survey asked the c-suite about their plans for Europe’s landmark GDPR. The “pulse” revealed five surprising results

• Update, "Marketing-tech firm Bombora is suing a rival for allegedly collecting people's data illegally"

• Interesting blog post, "Legal, Fintech Collaborations Point to Future for Highly Specialized Partnerships. Dentons announced it was partnering with process management provider eClerx Market, an arrangement that could be more common as tech and process challenges become more specialized across industries".

• Update, "A Landmark Ruling in Brazil: Paving the Way for Considering Data Protection as an Autonomous Fundamental Right".

• Insightful blog post "The Increasing Threats to Data Privacy and Security During the Pandemic. More people than ever are being duped, and organizations are left more vulnerable to attacks as threats to data privacy and security noticeably continue to increase. Here are some of the emerging challenges in the cybersecurity landscape and tips on how to avoid them".

• Insightful blog post "Organizations are creating the perfect storm by not implementing security basics. European organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales".

• Interesting reading, "Storytelling for early-years cybersecurity. After the ubiquity of internet access for children of all ages during the COVID-19 lockdown, Wendy Goucher, BCS author, harnesses the power of stories to open a discussion about cybersecurity".

• A new report finds "More than 100 executives at a multinational company that’s part of a German task force for creating coronavirus protective gear, were targeted in an ongoing phishing attack. Researchers are warning of an ongoing phishing attack that’s targeting the credentials of more than 100 high-profile executives at a German multinational corporation that’s tasked with procuring coronavirus medical gear for Germany".

• Interesting blog post "Cybersecurity needs more women role models, says the report. A report compiled by security assurance organisation Crest highlights the progress made on gender diversity in cybersecurity, and offers pointers for next steps".

*These sites aren’t affiliated with GDPR Community and these aren’t an advertisement, they’re simply site’s we’ve thought the community might have an interest in reading.