Debenhams Flowers – Data breach hits 26,000 customers

Penetration Testing
Today saw Debenhams targeted as the latest victim of a cyber-attack. Up to 26,000 customers of its Flowers website have had their personal data compromised. Potentially crucial customer data was taken in the attack including: payment details, names and addresses. The attack targeted Ecomnova, a third party e-commerce company. See the full BBC new story

Everyday there are new headlines of consumer data being misused or security concerns with data being hacked. The largest most recent high profile event was the data stolen from TalkTalk in 2016 by a 17-year-old boy who then tried to blackmail the organisation. 160,000 customer records were accessed. The estimates are this event has cost TalkTalk directly / indirectly in the region of £60million, plus what about the ongoing brand damage. The list of other companies also targeted and brands effected include household names such as: Asda / Three Mobile / Tesco bank / Morrison’s / Moon pig / Sage / Wonga.

Click to download

In just over 1 years’ time on the 25 May 2018 the EU’s General Data Protection Regulation (GDPR) will come into place which is the most stringent and burdensome privacy mandate in the world. Don’t think that it won’t happen due to Brexit. It will happen and doing nothing is likely to leave you with a huge fine! Companies that operate within the EU now need to take extra precautions to ensure the safety of their data, or face a fine of up to 4% of global turnover. You need to start preparing now to navigate through the complexity involved in addressing GDPR to comply fully with the regulation.

GDPR is the biggest change in European data laws in the last 20 years. It is being implemented to ensure companies raise the bar on data protection to rebuild consumer trust. It will force companies to take a proactive view of their data policies and strategies. There must be accountability, responsibility, and the ability to demonstrate data privacy plans and implementations. The Information Commission Office (ICO) will be enforcing and breaches will be severely punished.

Are you sure your systems are secure?

Let T&VS help ensure you are ready for the 25 May 2018, guiding you through the challenging data privacy environment and compliance to the latest international regulations. Our team of data privacy experts will review where you have GDPR data stored and present recommendations on improvements. Find our about our Data Privacy Solutions

In parallel our asureSECURE security team will analyse your infrastructure for potential weaknesses and provide assistance in ongoing security measures.  If you would like to know more, please see reviews our Security Solutions/