Scroll Top

GDPR Services report 15 Private Data breaches – WEEK 22, 2019


GDPR Services report 15 Private Data breaches

– WEEK 22, 2019 –

This is a curated list about last week’s latest news from by our GDPR Services. Be informed about the latest 15 Private Data breaches, identified and reported publicly during WEEK 22, 2019.

As these Private Data breaches have a severe negative impact on any business and highly serious legal consequences, consider a these GDPR Service packages: on-demand GDPR COMPLIANCE or a recurrent monthly service of GDPR COMPLIANCE ADD-ON together with your dedicated data protection OFFICER package.


on-demand GDPR Services

A Partner You Can Depend on to Help Your Organisation Meet GDPR Compliance. Industry leaders. Award-winning experience. All you need to know, to keep your business safe.

  • Researchers discovered in early April an unprotected Elasticsearch node on the Investment Week website.
    • Two weeks later, on 18 April 2019, they probed manually and found a database containing approximately 330,000 unprotected records of sensitive personal user information: Full names, Email addresses, Subscription information, City, Phone number, Company Country. The records contained unsalted, md5 hashed passwords. All passwords have been reset as a result. UK’s Investment Week data leak: 330k user records exposed and Potential data breach management

  • The news aggregator Flipboard was breached and hackers stole user credentials from its servers.
    • The event went undetected for nine months and was only found after a second intrusion was discovered. The issue here is because of how the site operates, these credentials include links to social media and other accounts of each user. The company said it had not seen unauthorized access to third-party accounts. All passwords and third-party tokens have been reset as a precaution, even though not every user was impacted. NOTICE OF SECURITY INCIDENT

  • Hackers had breached the network of Perceptics. Given the kind of data collected by these systems, it is a major breach.
    • The company is the major supplier of automated license plate reader technology for US Customs and operates at dozens of our border crossings. The company confirmed the breach but provided no specific details. Reporters at The Register broke the story and offered evidence that the stolen data appears to be legit. “The nature of the company’s business – border security data acquisition, commercial vehicle inspection, electronic toll collection and roadway monitoring – means that it’s likely to have a significant amount of sensitive information.” Maker of US border’s license-plate scanning tech ransacked by hacker, blueprints and files dumped online

  • One of the largest real estate title companies has been using extremely poor security for years.
    • One website operated by First American Financial Corp. had designed their database so that anyone who knew the URL for a valid document could view other documents easily. These documents contain SSNs, bank accounts, and other personal financial data. Hundreds of millions of files could have been accessed. The company acknowledged a “design defect” and removed the website to work on a fix. First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records



Compliant and sustainable long-term GDPR operational behaviour. Have a rock-solid foundation for privacy procedures and GDPR mandate compliance.

Discover more trending and viral stories from our GDPR Service. The remaining Private Data breaches made news headlines. All these news related to GDPR Services happened just in the last week.

  • Docker Hub Suffers a Data Breach, Asks Users to Reset Password

  • Mailing Error for Inmediata, While Reporting Health Data Breach

  • Quest Diagnostics suffered a major data breach that began last August.

  • A large collection of Instagram users’ data has been leaked online.

  • The drive-thru restaurant chain Checkers/Rally suffered a data breach.
    • Malware was placed on the payment processing system at more than 100 stores, which is about 15 percent of the total in the combined chain. The company posted the locations and time frames, and said possible payment card data could have been compromised. Some stores were breached in 2016. NOTICE OF DATA BREACH



data protection OFFICER

Identify high-risk problems. Taking access and rights management into serious consideration is the foundation for a safely guarded online presence throughout your domain.

Do you have any questions about our GDPR Service or related to GDPR Services in general? Leave your thoughts about these Private Data breaches in the comments below!

Related Posts