Here’s a round-up of interesting reading we found online today*;
Over 100 NHS Accounts Compromised By Phishing Attack, you can read the official statement here: NHS Digital statement on NHSmail phishing incident.
Insightful blog post, "Initial lessons learned as COVID-19 exposes critical gaps in information security"
Well written post on "Norway’s coronavirus tracing app halted by Data Protection Authority – too invasive and not useful. “This reduces our ability to fight the spread of the virus that is happening now”, warns Camilla Stoltenberg, director of the Norwegian Institute of Public Health".
Breach update, "Web skimmers found on the websites of Intersport, Claire's, and Icing. The malicious code has now been removed from all stores, but users are advised to review card statements for suspicious transactions".
Insightful blog post, "Covid-19 contact-tracing apps: the key data protection issues. Organisations intending to deploy contact-tracing apps will need to maintain high standards of privacy compliance, security and ethics to guarantee sufficient uptake and meaningful results".
Breach update, "Wiggle Data Breach – Accounts ‘Fraudulently Accessed’".
Update, "UK-US data deal puts Brexit data adequacy pact at risk. European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note".
Update, "Federal Judge Turns to Class Action Veterans to Lead Wawa Data Breach Litigation. The leaders are set to handle three tranches of litigation: one brought by consumers, another from financial institutions, and the last involving employee".
Update, "For Companies, Automating Privacy Compliance Is Easier Said Than Done. TrustArc released a new survey revealing that organizations are still struggling to understand the myriad of regulations on the privacy landscape. Automating such tasks as data subject access requests may also not be totally reliable to help organizations with these regulations".
Update, "Crypto lender BlockFi has hired Adam Healy as its new Chief Security Officer (CSO), nearly a month after it experienced a SIM card swap data breach. According to the company, Healy brings more than 15 years of experience working in national security. He comes to BlockFi from the digital asset firm Bakkt, where he was Chief Information Security Officer".
*These sites aren’t affiliated with GDPR Community and these aren’t an advertisement, they’re simply site’s we’ve thought the community might have an interest in reading.