GDPR Services report 11 Private Data breaches
– Week 33, 2019 –
This is a curated list about last week’s latest news from by our GDPR Services. Be informed about the latest 11 Private Data breaches, identified and reported publicly during Week 33, 2019.
As these Private Data breaches have a severe negative impact on any business and highly serious legal consequences, consider a these GDPR Service packages: on-demand GDPR COMPLIANCE or a recurrent monthly service of GDPR COMPLIANCE ADD-ON together with your dedicated data protection OFFICER package.
- Ikea says sorry for customer data breach
- A spokesman for Ikea Singapore said the incident occurred at 4.57pm last Thursday and that it “regretfully made an error of inserting 410 individual e-mail addresses in the ‘To’ field in an Ikea service delivery promotion e-mail sent to our customers”, making the e-mail addresses visible to all recipients of the mailer. Swedish retailer Ikea yesterday apologised to affected customers in Singapore after the company inserted 410 individual e-mail addresses in the wrong message field of a promotional mailer and sent it out.
- CafePress resets passwords months after reported data breach
- T-shirt seller CafePress has been asking customers to choose new passwords as part of an updated “password policy,” but the news came soon after reports that the site had been the victim of a data breach in February. Have I Been Pwned claimed that over 23.2 million accounts had been exposed, including email addresses, names, physical addresses and phone numbers. About 23 million accounts were apparently compromised.
- The ESA left a list of addresses, phone numbers, and email addresses exposed with no security.
- Now harassment campaigns have started against some on the list, and the ESA may be legally liable according to experts. E3 data breach that exposed 2,000 journalists’ private data puts ESA in legal crosshairs
- If you bought anything from these 19 companies recently, your data may have been stolen
- At least 19 consumer companies reported data breaches since January 2018. Many of them were caused by flaws in payment systems either online or in stores. A report published by cybersecurity firm Shape Security showed that 80-90% of the people who log in to a retailer’s e-commerce site are hackers using stolen data. This is the highest percentage of any sector examined in the report. Data breaches are on the rise for all kinds of businesses, including retailers.
Discover more trending and viral stories from our GDPR Service. The remaining Private Data breaches made news headlines. All these news related to GDPR Services happened just in the last week.
- Pearson, one of the largest publishers of print and digital textbooks, has revealed it has suffered a major data breach.
- London-based educational software maker Pearson reported on Wednesday a data breach involving about 13,000 school and university AIMSweb 1.0 accounts. Pearson data breach: details of hundreds of thousands of U.S. students hacked
- A political campaign group working to elect Democratic senators left on an exposed server a spreadsheet containing the email addresses of 6.2 million Americans.
- Data breach researchers at security firm UpGuard found the data in late July, and traced the storage bucket back to a former staffer at the Democratic Senatorial Campaign Committee, an organization that seeks grassroots donations and contributions to help elect Democratic candidates to the U.S. Senate. Democratic Senate campaign group exposed 6.2 million Americans’ emails
- Tens of thousands of Australians have had their medical histories and other private information exposed in a large data breach of a company that enabled them to participate in paid clinical trials.
- The database belonging to Neoclinical exposed approximately 37,000 people’s contact information and their responses to personal medical questions qualifying them for clinical trials, which included information about diagnoses, illicit drug use and treatments. Thousands of medical histories exposed in data breach
- Around 360 of popular sushi chain Genki Sushi’s current and former employees have been affected.
- The Personal Data Protection Commission (PDPC)’s investigations on a ransomware attack that happened last September revealed that the compromised server was an “off-the-shelf software application” that let employees view electronic payslips and for supervisors to confirm attendance of staff. Genki Sushi Fined S$16,000 For Data Breach – Staff Details Like NRIC, Bank Acct. Info, Salary Leaked
- Two people arrested after data breach of 23,000 Revenu Québec employees
- Two people have been arrested after a data breach at Quebec’s tax collection agency, affecting 23,000 past and present employees at Revenu Québec. The agency said in a statement Wednesday an employee who had access to the data as a part of his job transferred the information outside the organization. Two people arrested after data breach of 23,000 Revenu Québec employees
- Nearly 53,000 students and 3,100 educators in Naperville were affected by the breach, which occurred at a company that handles the districts’ K-8 academic assessments.
- The personal information of nearly 53,000 students and 3,100 educators in Naperville District 203 and Indian Prairie District 204 was exposed following a data breach at a company that handles the districts’ K-8 academic assessments. The company said there’s been no evidence of misuse. Data Breach Exposes Personal Info for 53,000 Illinois Students
- The city would not comment on whether or not this attack could have been an inside job.
- COLLIER COUNTY, Fla. – In a news conference Tuesday afternoon, the City Manager of Naples said the city’s financial reserves are strong, despite a ‘spear phishing attack’ that cost the city $700,000. A scammer posing as Wright Construction Group, the company the city is working with for the 8th Street South renovation project, filed a change of bank account request on June 24. That bank account was changed and an employee deposited $700,000 into the fake bank account on July 11. The city realized the attack had occurred on August 1 when Wright Construction Group followed up with the city for their payout. Naples $700K spear phishing attack: ‘No data breach occurred’