Tsaaro Weekly Privacy Newsletter
15th July, 2022

BIG DATA AND PRIVACY: WHAT’S THE “BIG” DEAL?

Big Data is the next big thing in the world of IT, as people are becoming increasingly aware of its potential and its impact on the business world and society as a whole. It is a term used for large data sets with more varied and complex structures. These characteristics usually correlate with additional difficulties in storing, analyzing, and applying further procedures or extracting results. 

Researching massive amounts of complex data to reveal hidden patterns or identify secret correlations is creating a contradiction between Data Privacy and Security.  

Data owners i.e.; Companies must keep up with both the pace of data growth and the compliance with the regulations governing it, especially ensuring protecting the privacy of sensitive data and personally identifiable information (PII). With Data usage increasing and spreading across locations, the risk of a privacy breach has never been higher, as a consequence comes high fines, loss of consumer trust, and loss of market share. 

The key to protecting the privacy of your big data while still optimizing its value is an ongoing review of four critical data management activities:

1.Data collection 

2.Data Retention and archiving 

3.Data use, including use in testing, DevOps, and other Data masking techniques  

4.Creating and updating disclosure policies and practices 

If you are a company processing huge amounts of Data, check out our service: https://tsaaro.com/data-protection-view-all/  

For additional information Reach out to us at info@tsaaro.com 

Tsaaro Weekly Privacy Newsletter
15th July, 2022

BIG DATA AND PRIVACY: WHAT’S THE “BIG” DEAL?

Big Data is the next big thing in the world of IT, as people are becoming increasingly aware of its potential and its impact on the business world and society as a whole. It is a term used for large data sets with more varied and complex structures. These characteristics usually correlate with additional difficulties in storing, analyzing, and applying further procedures or extracting results. 

Researching massive amounts of complex data to reveal hidden patterns or identify secret correlations is creating a contradiction between Data Privacy and Security.  

Data owners i.e.; Companies must keep up with both the pace of data growth and the compliance with the regulations governing it, especially ensuring protecting the privacy of sensitive data and personally identifiable information (PII). With Data usage increasing and spreading across locations, the risk of a privacy breach has never been higher, as a consequence comes high fines, loss of consumer trust, and loss of market share. 

The key to protecting the privacy of your big data while still optimizing its value is an ongoing review of four critical data management activities:

1.Data collection 

2.Data Retention and archiving 

3.Data use, including use in testing, DevOps, and other Data masking techniques  

4.Creating and updating disclosure policies and practices 

If you are a company processing huge amounts of Data, check out our service: https://tsaaro.com/data-protection-view-all/  

For additional information Reach out to us at info@tsaaro.com 

Major Privacy Updates of the Week

Marriott suffers data breach due to social engineering attack

Marriott International, one of the largest hotel chains in the world, has suffered another data breach. According to the hackers, more than 20 GBs of sensitive data, including credit cards and other confidential information about guests and employees, was stolen. Databreaches.net reports that hackers used a social engineering trick to access an employee’s computer at a Marriott hotel in Maryland. 

Read More

Marriott suffers data breach due to social engineering attack

Marriott International, one of the largest hotel chains in the world, has suffered another data breach. According to the hackers, more than 20 GBs of sensitive data, including credit cards and other confidential information about guests and employees, was stolen. Databreaches.net reports that hackers used a social engineering trick to access an employee’s computer at a Marriott hotel in Maryland. 

Read More

Clearview AI fined again for GDPR violations by Greece Authority

The European Union’s assault on controversial facial image aggregator Clearview AI continued, with the Hellenic Data Protection Authority (HDPA) in Greece the latest to penalize the company for violations of the General Data Protection Regulation (GDPR). The HDPA fined the company 20 million euros (U.S. $19.9 million) a record in the country for unlawfully processing the biometric data of Greek citizens.

Read more

Clearview AI fined again for GDPR violations by Greece Authority

The European Union’s assault on controversial facial image aggregator Clearview AI continued, with the Hellenic Data Protection Authority (HDPA) in Greece the latest to penalize the company for violations of the General Data Protection Regulation (GDPR). The HDPA fined the company 20 million euros (U.S. $19.9 million) a record in the country for unlawfully processing the biometric data of Greek citizens.

Read more

Trellix detects malicious spear phishing email campaign targeting government agencies

A malicious campaign has been targeting government agencies across the U.S., India, Afghanistan, Italy, and Poland since last year, the Trellix Email Security Research Team discovered. The attack starts with a spear phishing email with a geopolitical theme and is themed around the India-Afghanistan relationship. The attacker used politics as a lure to trick users into clicking on a malicious link. The email used for this phishing attack contains an attachment or a weaponized URL that delivers an Excel sheet.

Read more

Trellix detects malicious spear phishing email campaign targeting government agencies

A malicious campaign has been targeting government agencies across the U.S., India, Afghanistan, Italy, and Poland since last year, the Trellix Email Security Research Team discovered. The attack starts with a spear phishing email with a geopolitical theme and is themed around the India-Afghanistan relationship. The attacker used politics as a lure to trick users into clicking on a malicious link. The email used for this phishing attack contains an attachment or a weaponized URL that delivers an Excel sheet.

Read more

TikTok Pauses Privacy Policy Update in Europe Following Regulatory Pushback

TikTok has agreed to postpone a controversial privacy policy update in Europe that would have enabled the platform to stop asking users for consent to be tracked for targeted advertising. The Irish Data Protection Commission (DPC), the lead privacy regulator that oversees TikTok for the European Union’s General Data Protection Regulation (GDPR), says the “pause” follows engagement between TikTok and the oversight office. 

Read more

TikTok Pauses Privacy Policy Update in Europe Following Regulatory Pushback

TikTok has agreed to postpone a controversial privacy policy update in Europe that would have enabled the platform to stop asking users for consent to be tracked for targeted advertising. The Irish Data Protection Commission (DPC), the lead privacy regulator that oversees TikTok for the European Union’s General Data Protection Regulation (GDPR), says the “pause” follows engagement between TikTok and the oversight office. 

Read more

Cybercriminals Steal $8 Million in Ethereum via Uniswap Phishing Attack

a phishing scam offering a fraudulent airdrop managed to rob Uniswap users of nearly $8 million in funds. The phishing scam promised a free airdrop of 400 UNI tokens (worth approximately $2,200). Users were asked to connect their crypto wallets and sign the transaction to claim the malicious airdrop. Upon connection, the unknown hacker grabbed user funds through a malicious smart contract. 

Read more

Cybercriminals Steal $8 Million in Ethereum via Uniswap Phishing Attack

a phishing scam offering a fraudulent airdrop managed to rob Uniswap users of nearly $8 million in funds. The phishing scam promised a free airdrop of 400 UNI tokens (worth approximately $2,200). Users were asked to connect their crypto wallets and sign the transaction to claim the malicious airdrop. Upon connection, the unknown hacker grabbed user funds through a malicious smart contract. 

Read more

Curated by: Prajwala D Dinesh, Ayush Sahay, Ritwik Tiwari.

WEEKLY PRIVACY NEWSLETTER

Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro