The Data Guardians Managing Director and lead consultant Matthew Lamb is a Certified Cyber Risk Management Practitioner and Data Protection Officer. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance.
At least 10 universities in the UK have had data stolen about students and/or alumni after hackers attacked a cloud computing provider. Blackbaud is one of the world’s largest providers of education administration, fundraising, and financial management software and was held to ransom by hackers in May and paid an undisclosed sum to have the data destroyed. It has been criticised for not disclosing the breach externally until July and for having paid the hackers. Read more here.
The UK universities confirmed as having been affected include:
- University of York
- Oxford Brookes University
- Loughborough University
- University of Leeds
- University of London
- University of Reading
- University College, Oxford
- University of Exeter
- Aberystwyth University
- University of Strathclyde
The homeless charity Crisis has also confirmed that it has been affected by the Blackbaud data breach with details of hundreds of its supporters accessed. However, the charity has said they’re confident that the hackers were unable to access the encrypted financial information of everyone who had previously donated to Crisis. Read more here.
Garmin, the GPS and fitness-tracker company, has fallen victim to a cyber-attack that encrypted some of its systems. While they have no indication that any customer data was accessed, lost or stolen many of its online services have been disrupted. Read more here.
According to the ICO’s annual report, the health sector produced the highest proportion of data breaches throughout 2019 with 19.7% of all cases. The report says 95% of all data breaches required no action by the regulator but does not break this figure down by sector. Read more here.
Global data protection and privacy authorities have sent an open letter to video teleconferencing companies to ‘remind them of their obligations’ to comply with data protection and privacy laws and to handle information responsibly. Read the letter here.
Don’t miss another news roundup, subscribe to our mailing list and receive a monthly email with essential data protection news and insights. Subscribe here.