Sectors Archive
Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which schools must report breaches to …
Earlier this year, NHS Digital confirmed that it was extending the 2020/2021 assessment period for DSP (Data Security and Protection) Toolkit until 30 September in light of the COVID-19 pandemic. Organisations now have until March 2021 to achieve compliance. In …
The coronavirus pandemic has arguably affected the education sector more than any other, with schools, colleges and universities around the globe having been forced to close their doors and deliver classes remotely. Most of the discussion surrounding this has focused …
Public Health Wales has confirmed that it accidentally published the personal data of 18,105 people who tested positive for coronavirus. The information was accessible on a publicly accessible server for 20 hours on 30 August. In most cases, patients’ initials, …
Newcastle University is being held to ransom after its systems were infected with malware earlier this month. The DoppelPaymer ransomware gang breached the university’s systems on 4 September, and later that day stole backup files. The university has apologised for …
A survey has found that 54% of UK universities reported a data breach to the ICO (Information Commissioner’s Office) in the past 12 months. Of the 86 universities that responded to a Freedom of Information request from security firm Redscan, …
Online retailers and other organisations using ecommerce functionality must prepare for the threat of formjacking, Symantec has warned, after detecting 3.7 million instances of the attack method in 2018. Formjacking works by inserting malicious JavaScript code into the payment form …
At this year’s ASCL (Association of School and College Leaders) conference, a guest said to us: “The GDPR? Wasn’t that last year?” Our heads fell into our hands. How was it possible for someone to be so misguided about such a …
Organisations that accept online payments must urgently address the threat of web-based skimming, the PCI SSC (Payment Card Industry Security Standards Council) has warned. The alert, issued in partnership with the Retail & Hospitality ISAC (information sharing and analysis centre …
With the legal sector reporting an increase in targeted attacks in 2018, information security management remains a serious issue for law firms. The confidential information and large volumes of client funds they hold are highly desirable to cyber criminals, so …
