Royal Free & Google DeepMind trial failed to comply with data protection law

data protection

The ICO has published its ruling on the Royal Free NHS Trust sharing of patient data with Deep Mind (a Google owned AI company). The data (1.6m records) had been shared as part of a trial to test an alert, diagnosis and detection system for acute kidney injury, but the ICO did not believe the patients …

Read moreRoyal Free & Google DeepMind trial failed to comply with data protection law

Joomla Security Release (3.7.3)

Online Security

Web platform provider Joomla have released a new version to fix a number of security issues: Core – Information Disclosure (affecting Joomla 1.7.3-3.7.2) Core – XSS Vulnerability (affecting Joomla 1.7.3-3.7.2) Core – XSS Vulnerability (affecting Joomla 1.5.0-3.6.5) If you’ve not already updated to this latest version you’re advised to do so ASAP. Full details of …

Read moreJoomla Security Release (3.7.3)

Why lack of certainty is probably not helping GDPR compliance

which direction for law

If it wasn’t hard enough to convince businesses in the UK that they really should be thinking about how their organisation will be impacted by the General Data Protection Regulation (GDPR) next year, we’ve got to also think about the ePrivacy Regulations (which the EU wants to come into force at the same time as …

Read moreWhy lack of certainty is probably not helping GDPR compliance

Drupal patches some more security risks

Online Security

This week Drupal have patched a couple of modules for potential security issues. Both the services module and the SMTP Authentication Support module have been updated. If you’re running either of these modules make sure your system has been updated to the latest versions of the modules to ensure you’re website is not vulnerable.

Petya ransomware highlights continued vulnerabilities

ransomeware learnings

In case you missed it, there was another global ransomware attack this week. Whilst the Ukraine seems to  have been hit the worst, it is being reported that businesses across the world have been impacted. It is possible you have missed this latest cybersecurity issue, mainly because it’s not dominated the media headlines like the …

Read morePetya ransomware highlights continued vulnerabilities

Website vulnerability leads to £60k ICO fine

latest compliance news posts

The Information Commissioner’s Office (ICO) (the UK’s “data regulator”) has fined a small video game rental company £60,000 after failing to take basic action to prevent an SQL injection vulnerability with their website, which led to a data breach and access to customer details. This latest fine just indicates that any size business is at …

Read moreWebsite vulnerability leads to £60k ICO fine

Virgin customers told to change password to avoid hacking

Online Security

A Which? investigation has found that Virgin customer’s Super Hub 2 routers could be vulnerable to hacking if the default router password isn’t changed. Various UK news sites (e.g. BBC) are reporting that Virgin Media have told 800000 of it’s customers to change their passwords. If you’re using a Super Hub 2 router then change …

Read moreVirgin customers told to change password to avoid hacking

ICO issues fine for email marketing breach

latest compliance news posts

The ICO has issued a fine to Morrison Supermarkets for sending marketing consent emails to over 130k email addresses where the subjects had previously opted-out of marketing. Remember that even under the current data protection and privacy regimes you must have consent to send marketing materials. There will be no change to this with the GDPR, …

Read moreICO issues fine for email marketing breach