The European Parliament’s headache over a major human resources data breach earlier this year just won’t fade. Austria-based digital rights group noyb on Thursday said it had filed two complaints against the European Union institution for infringing the bloc’s flagship privacy law, the General Data Protection Regulation (GDPR), over a data breach discovered before the summer.
In June, Parliament notified up to 9,000 staffers that it had suffered a data breach of its recruitment application PEOPLE, which contained staffers’ ID details, birth certificates, employment history, medical records, marriage certificates — which revealed sexual orientation — and proof of work dating back 10 years.
Read more…
Source: Politico Europe
Related:
- Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
March 11, 2024
The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA) in place to stop the attackers, despite previous warnings about these risks. This is according to a British Library report that sheds new light on the October 2023 attack, which shut down digital services and breached ...
- Duvel forced to shut breweries after cyber attack
March 9, 2024
Belgian brewer Duvel has insisted it will have enough beer to keep supply flowing after it was hit by a cyber attack that brought production to a standstill. The company, one of the best-known Belgian beer brands, was hit by a suspected ransomware attack on Tuesday night that shut down five of its production facilities, four ...
- Belgium’s largest coffee roaster falls victim to cyber attack
March 8, 2024
Coffee Beyers from the Belgian town of Puurs-Sint-Amands has fallen victim to a cyber attack. Hackers managed to break into the company’s computer systems on Thursday. Cybercriminals are clearly targeting Belgian beverage producers this week. During the night from Tuesday to Wednesday, brewery Duvel Moortgat found traces of a break-in on its servers. Read more… Source: Techzine
- Jersey data breach leaks personal information
March 7, 2024
A data breach at Jersey’s Financial Services Commission has allowed access to non-public names and addresses. The organisation confirmed a “vulnerability” was detected in its Registry system on 23 January. It said the leak did not link any individuals to registered entities or roles held and that it had separately written to those whose names and addresses ...
- Italy privacy watchdog fines Unicredit $3.1 million for data breach
March 7, 2024
Italy’s data protection authority has fined UniCredit, the country’s second-largest bank, 2.8 million euros ($3.1 million) for a data breach case in 2018 affecting thousands of customers and former customers, it said on Thursday. The bank responded that it would appeal the decision to court, adding that no bank data had been compromised and the incident ...
- Capita shares sink as outsourcing giant swings to £107m loss, takes £25m hit from cyber attack
March 6, 2024
Capita has incurred £25.3m in costs tied to a cyber attack last March as the outsourcing giant swung to an annual loss and ramped up its cost-cutting programme. Shares fell 16 per cent on Wednesday morning. The group, which runs key local government, military and NHS services, posted a pretax loss of £106.6m for 2023, compared ...