The European Parliament’s headache over a major human resources data breach earlier this year just won’t fade. Austria-based digital rights group noyb on Thursday said it had filed two complaints against the European Union institution for infringing the bloc’s flagship privacy law, the General Data Protection Regulation (GDPR), over a data breach discovered before the summer.
In June, Parliament notified up to 9,000 staffers that it had suffered a data breach of its recruitment application PEOPLE, which contained staffers’ ID details, birth certificates, employment history, medical records, marriage certificates — which revealed sexual orientation — and proof of work dating back 10 years.
Read more…
Source: Politico Europe
Related:
- Estonian state continuing to collect personal telecoms data
August 4, 2023
Obtaining data from telecoms firms in the course of criminal investigations in Estonia still goes on, despite stricter limits put in place by the European Union from last year. In April 2022, the European Court of Justice (ECJ) found that the wholesale storage of personal data, even in the interests of fighting crime, runs counter to ...
- Terrorism and cyber attack warning as 25 biggest threats facing Ireland revealed
August 3, 2023
Ireland faces an increased threat from terrorism and cyber-attacks – because we spend so little money on defence, the government has admitted. This year’s national risk assessment also finds that Ireland faces 25 different potential threats – from terrorism to financial instability, as well as climate change, AI and even housing problems. Read more… Source: Irish Mirror
- CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
August 1, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) have released a joint Cybersecurity Advisory (CSA), Threat Actors Exploiting Ivanti EPMM Vulnerabilities, in response to the active exploitation of CVE-2023-35078 and CVE-2023-35081 affecting Ivanti Endpoint Manager Mobile (EPMM) (formerly known as MobileIron Core). Threat actors can chain these vulnerabilities to ...
- UK spy agencies want to relax ‘burdensome’ laws on AI data use
August 1, 2023
The UK intelligence agencies are lobbying the government to weaken surveillance laws they argue place a “burdensome” limit on their ability to train artificial intelligence models with large amounts of personal data. The proposals would make it easier for GCHQ, MI6 and MI5 to use certain types of data, by relaxing safeguards designed to protect people’s ...
- Capita boss quits as fine looms for huge hack of confidential data
July 31, 2023
The chief executive of outsourcing firm Capita is to step down as the company reels from a cyber-attack that could result in a hefty fine from the UK’s information and privacy regulator. Capita said Jon Lewis would step down by the end of the year, making way for Adolfo Hernandez, the vice-president of telecommunications at Amazon ...
- Moscow City Court sentences Group-IB founder to 14 years for high treason
July 26, 2023
The Moscow City Court has sentenced Group-IB founder Ilya Sachkov to 14 years in prison after finding him guilty of high treason, a TASS correspondent reported from the courtroom. Sachkov has been in custody since September 2021. According to the prosecution, in 2011 he handed over classified information to foreign intelligence thus causing reputational damage to ...