Data

Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data

https://www.computerweekly.com/news/252483536/Hancock-to-Harman-No-contact-tracing-privacy-law

Labour has demanded an investigation by the government into the data breach by outsourcing firm Serco that saw the email addresses of almost 300 coronavirus contact tracers accidentally shared.

https://labourlist.org/2020/05/labour-demands-investigation-of-data-breach-by-outsourcing-firm-serco/

Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app

https://www.computerweekly.com/news/252483355/GDPR-wholly-inappropriate-to-govern-contact-tracing-data

National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

https://www.computerweekly.com/news/252483418/NCSC-discloses-multiple-vulnerabilities-in-contact-tracing-app

Action Fraud has been made aware by the National Cyber Security Centre of the cyber breach affecting EasyJet customers. We’re currently monitoring our system for EasyJet related reports to see if there has been a significant increase.

https://www.actionfraud.police.uk/alert/how-to-protect-yourself-if-you-think-youve-been-affected-by-the-easyjet-cyber-breach

EasyJet has admitted that a "highly sophisticated cyber-attack" has affected approximately nine million customers.

Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it

https://www.computerweekly.com/news/252483207/Vast-majority-of-cyber-attacks-are-easy-to-stop-says-Verizon

Businesses in the British Isles are likely to welcome the landmark decision of the UK Supreme Court on 1 April 2020[1] that WM Morrison Supermarkets was not vicariously liable for the damage caused to members of its staff as a result of the misappropriation of their personal information by a colleague.

https://www.ogier.com/publications/landmark-uk-supreme-court-decision-on-vicarious-liability-for-action-of-employee?utm_source=Mondaq&utm_medium=syndication&utm_campaign=LinkedIn-integration

More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain

In 2019, login pages were the prime target of fraudsters across different verticals. They were using bad bots to carry out two types of online fraud: account takeover to steal PII and payment card details; and fake account creation to validate stolen payment card details (carding attacks) or cash out stolen cards.

https://securitybrief.co.nz/story/here-s-how-human-like-bots-perform-online-fraud