1 02, 2022

A common email data breach – failing to BCC

A common email data breach by failing to BCC the recipients My son has started a new job and is heading off for a training course on Sunday. As part of attending the training course he was provided with information about the venue and training sessions along with the other new starters. My son could see the personal email addresses of colleagues he’s yet to meet on a company email. As my son (And [...]

10 11, 2019

Email data breaches – Easily avoided

It's happened again. One of the most common data breaches and one which is easily avoided has happened to West Berkshire Council. So what happened? Someone sent an email to 1,107 people about a leisure centre survey and didn't hide the email addresses. As a result, everyone getting the email could see who else it had been sent to. It's really disappointing when these types of data breaches occur as they could so easily [...]

19 08, 2019

Subject Access Requests – Verifying the Identity of the Requestor

There has been a recent news story about a man making subject access requests in the name of his girlfriend (with her knowledge) to see how much information he could obtain. On the basis of his research 1 in four companies gave him information on the basis of the information he had provided. This comes down to poor verification processes in place at the organisations before they give the information out. So here are [...]

22 04, 2018

It’s an easy mistake to make………….

GDPR is on the horizon and lots of organisations are seeking reconsent by sending you an email to get you to reconfirm your email address. And that's fine providing they are doing it the right way. I was contacted recently by a charity seeking reconsent. They had made some fundamental mistakes, including a data breach! What did they do? Firstly when seeking reconsent they sent an email to all the subscribers via outlook and [...]

2 10, 2017

Pet Insurers in the Doghouse

We have just got a new puppy, turns out she is a rich source of potential data protection and GDPR breaches. :-) Lets start with trying to insure her. We already have another dog so I rang to get a quote for adding her to the policy. The lovely person gave me a quote and then asked if I would like it emailed to me. I said yes, this was my first mistake. I [...]

Go to Top