The European Parliament’s headache over a major human resources data breach earlier this year just won’t fade. Austria-based digital rights group noyb on Thursday said it had filed two complaints against the European Union institution for infringing the bloc’s flagship privacy law, the General Data Protection Regulation (GDPR), over a data breach discovered before the summer.
In June, Parliament notified up to 9,000 staffers that it had suffered a data breach of its recruitment application PEOPLE, which contained staffers’ ID details, birth certificates, employment history, medical records, marriage certificates — which revealed sexual orientation — and proof of work dating back 10 years.
Read more…
Source: Politico Europe
Related:
- UK: Basic IT security failings left electoral register vulnerable
July 30, 2024
Basic IT security failings allowed Chinese state-linked hackers to access the election watchdog’s register containing the details of 40 million voters. The Information Commissioner’s Office (ICO) said the Electoral Commission had failed to keep its servers updated, allowing hackers to exploit the vulnerability. The National Cyber Security Centre (NCSC), part of GCHQ, has previously said it ...
- UK: 48 cyber breaches of utility companies recorded last year, a 586% increase on 2022
July 29, 2024
The number of successful cyber attacks against UK utility companies has risen to 48 in 2023, a 586% increase on the seven cases in 2022, says global specialty (re)insurance group Chaucer. So far these cyber attacks have been largely restricted to the theft of data or ransomware attacks. There have been concerns that cyber attacks designed ...
- Northern Ireland: Man arrested in connection with PSNI data breach
July 29, 2024
Detectives investigating criminality linked to the PSNI data breach have arrested a 54-year-old man. Data relating to all 9,483 PSNI officers and staff was mistakenly included in a spreadsheet published online last August in response to a freedom of information request. The list included the surname and first initial of every employee, their rank or grade, ...
- Investigators probe suspected sabotage of French fiber optic network
July 28, 2024
The disruptions occurred early Wednesday, hitting several — but not all — internet operators. Authorities suggested the damage to the cables was intentional. The prosecutor’s office opened a preliminary investigation on charges of “damaging goods of a nature of harming the fundamental interests of the nation,” as well as “obstruction of an automatic data processing system” ...
- Guernsey: Warning after spike in cyber-attacks
July 25, 2024
Authorities have warned organisations to take extra measures to protect their IT systems after a spike in cyber-attacks in Guernsey. The Office of the Data Protection Authority (ODPA) said some Microsoft 365 systems had been compromised by phishing attacks, where someone is tricked into giving out information over email. It warned criminals were becoming increasingly adept ...
- Russian banking sector faced DDoS attack planned from abroad
July 24, 2024
The Russian banking sector was exposed to a DDoS attack planned from overseas, the VTB Bank press service told TASS. “The banking sector was exposed to the DDoS attack orchestrated from overseas. A minor share of VTB clients faced individual constraints in operations of bank apps due to the high load on the infrastructure of Internet ...