Privacy Transformation - Issue 105
PRIVACY
HSE cyber attack: 'Inevitable' major Irish entity would be hit
With malware attacks becoming more sophisticated and concerning, and critical infrastructure increasingly targeted, it was inevitable a major Irish public entity would be hit eventually. On Friday morning, it was the Health Service Executive.
High Court rejects Facebook bid to block probe that could stop data transfers from EU to US
Facebook Ireland has lost its bid to block the Data Protection Commissioner from conducting a probe into the matter.
Fianna Fáil calls for social media companies to request ID to fight online abuse
Fianna Fáil backbenchers have called for social media companies to request ID when users create accounts as part of a ban on anonymous social media accounts.
Almost half of Irish people are concerned about sharing personal information online
This is a decline of 8% from 2019 to 2020, placing Ireland close to the global average of 45%.
SECURITY & TECH
Thousands of HSE computers rely on out-of-date software
The Health Service Executive's information technology system is relying on thousands of out-of-date computers because a plan to replace them has not been completed.
RELATED
This is how long hackers will hide in your network before deploying ransomware or being spotted
Microsoft EU Data Boundary dubbed ‘smoke and mirrors’
Data protection experts claim Microsoft’s decision to create an EU data boundary is a tacit admission that it routinely transfers and processes the personal data of European citizens outside the bloc, raising further questions about where its UK customers’ data goes.
RELATED
France says Google, Microsoft cloud services are OK for sensitive data
UK NCSC: Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
DATA BREACH
Patient data from HSE hack has appeared on the dark net, Minister confirms
Stephen Donnelly said that it was “distasteful” that law firms were “licking their lips” at prospect of suing the State over the HSE cyber hack.
RELATED
Here’s how much your stolen personal data is worth on the dark web
Data breach at Muckross Park after hack on hotel email account
Breach at Co Kerry hotel may have allowed the hacker access to some guests' email addresses
Verizon Data Breach Report 2021: Pandemic Has Caused Major Surge in Phishing, Ransomware and Web App Attacks
Verizon's data breach report for 2021 frames the degree to which the pandemic has influenced cyber criminal activity, with the focus shifting strongly toward work-at-home infrastructure.
See Resources Section for link to report.
ENFORCEMENT
HSE could face €1m fine for GDPR failings over cyber attack
HSE breach may see Data Protection Commission utilise the full extent of its fining powers on a State body for the first time, says expert
Irish Credit Bureau fined by regulator for data breach
The Irish Credit Bureau (ICB) has been fined €90,000 and reprimanded for a “serious” breach of the General Data Protection Regulation (GDPR). It is the largest domestic fine levied by the Irish data regulator.
More on the latest GDPR enforcement news can be found on:
RESOURCES
DPC Decision: Irish Credit Bureau DAC
Data Protection Commission 21 Fitzwilliam Square South Dublin 2 D02 RD28 Ireland
Verizon 2021 Data Breach Investigations Report (DBIR)
Access Verizon's 2021 Data Breach Investigation Report
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.