customer data – Page 2 – Cyber Law Watch

Tesco Bank fined £16.4 million for failing to protect account holders against an avoidable cyber-attack in 2016

Oct 04 2018

By Cameron Abbott and Colette Légeret

The UK’s banking watchdog, the Financial Conduct Authority (FCA), has fined Tesco Bank, the banking arm of UK supermarket chain Tesco, £16.4 million (approximately AU$29.5 million) for failing to exercise due skill, care and diligence in protecting its personal current account holders against a cyber-attack that occurred in 2016.

This cyber-attack affected thousands of account holders and netted the cyber-criminals £2.26 million (approximately AU$4.07 million) in 48 hours. It was described, at the time, as an unprecedented assault against a UK regulated bank.

Research reports say risks to smartphone security aren’t phoney

Jun 19 2018

By Rob Pulham, Warwick Andersen and Sarah Goegan

Beware! Your favourite apps may be putting your phone and data at risk. Reports from Allot and BitSight have examined rising threats to the security of our mobile devices.

Not so happy families: Online genealogy website suffers data breach

Jun 13 2018

By Cameron Abbott, Rob Pulham and Sarah Goegan

Online genealogy platform MyHeritage suffered a major data breach in which email addresses and hashed passwords of over 92 million users were leaked. The data breach occurred in October 2017, but was not discovered until 4 June 2018.

MyHeritage became aware of the breach after a security researcher found a file named “myheritage” on a private server. The file contained all the email addresses of MyHeritage users who signed up through to 26 October 2017, and their hashed passwords.

Politicians accused of stealing data?

May 21 2018

By Cameron Abbott and Sarah Goegan

No it’s not Chinese or Russian hackers trying to influence elections. A candidate in the Ontario province elections in Canada has resigned following allegations he may have stolen data from his former employer to further his party’s campaign.

Another Facebook app leaves anonymised data of 3 million users potentially exposed

May 17 2018

By Cameron Abbott and Keely O’Dowd

Recent news reports have revealed that Facebook has been hit with another data scandal.

The anonymised data of approximately 3 million Facebook users has reportedly been published on a poorly protected website. This data was originally collected via a Facebook quiz app called “myPersonality”. The myPersonality app was developed as part of the “myPersonality project” run by academics at the University of Cambridge’s The Psychometrics Centre.

Family Planning NSW the latest victim of cyber attacks

May 16 2018

By Cameron Abbott and Allison Wallace

Up to 8000 clients of Family Planning New South Wales have been affected by a ransomware attack on the NGO’s website. No the sort of records people every want to see disclosed.

The website was hacked on ANZAC Day, with the personal information of clients who had contacted FPNSW in the past 2 and a half years compromised – including details such as names, contact details and reasons for enquiries.

US Court signals that proving data breach class actions will be difficult

May 10 2018

By Andrew C. Glass, David D. Christensen, Cameron Abbott and Matthew N. Lowe

In the US, several attempts at class actions for those affected by a data breach have failed challenges in early procedural stages. In Dieffenbach v. Barnes & Noble, Inc., 887 F.3d 826 (7th Cir. Apr. 11, 2018), the Seventh Circuit allowed a data breach class action to survive the pleadings stage. At the same time, the Court indicated that the plaintiffs may have a tough time proving their claims on the merits or establishing that class certification is warranted. At the end of the day, the Dieffenbach decision may prove to be less of a boon and more of a bust for plaintiffs in data breach class actions. Although it may provide a means to get into court, the decision makes clear that obtaining a favorable outcome may be a “difficult task.” For a full summary of the Dieffenbach decision please see our client alert here.

Facebook to release “clear history” tool

May 04 2018

By Cameron Abbott and Keely O’Dowd

Facebook collects data on every “like” button you click on a website and the websites you visit that use Facebook pixel code.

At the F8 Conference, Mark Zuckerberg announced Facebook will release a new tool that will enable Facebook users to see and delete identifying information that Facebook has collected about them from other websites and apps. This new “clear history” tool will also allow users to turn off having this information stored with their Facebook account.

Cambridge Analytica closes its doors

May 03 2018

By Cameron Abbott and Sarah Goegan

Cambridge Analytica, the data company embroiled in the Facebook privacy scandal, is closing down. The firm’s parent company, SCL Elections, announced that it and some of its affiliates including Cambridge Analytica had commenced insolvency proceedings in the UK, and would immediately cease all operations.

In a statement, Cambridge Analytica said it had been “vilified” and the subject of “numerous unfounded accusations” about its activities, which it says are legal and widely accepted in online advertising. It blamed negative media coverage of allegations the company improperly used the data of 87 million Facebook users (which you can read about here, here and here) for a mass exodus of clients.

Excel skills of English Council leads to the exposure of “hidden” personal information

May 02 2018

By Cameron Abbott and Keely O’Dowd

The Kensington and Chelsea London Borough Council (Council) was recently fined £120,000 (approximately AUD$217,920) by the UK Information Commissioner’s Office (ICO) for the unauthorised processing of personal data belonging to 943 people who owned vacant properties in the Borough.

Tag:customer data