RadarFirst Blog

On Our Radar: July 12, 2019

If you’re in the States, you may have spent a long holiday weekend celebrating the 4th of July with neighborhood BBQs and summer night skies lit up with fireworks. Rolling into the office Monday morning after a holiday weekend can be a hustle – catching up on what you’ve missed, getting back into the work mindset, and reading through a pile of emails in your inbox. 

And that’s the thing about privacy - it doesn’t sleep, it doesn’t take a long weekend. This week in privacy news exemplified this. Below are two of the bigger stories we’re talking about in the RADAR offices. 

Perhaps one of the biggest revelations was the news that Zoom, a videoconferencing software, contained a vulnerability that allows malicious websites access to your camera, including turning on webcams without permission. This news gained notoriety from a Medium post from security research Jonathan Leitschuh, in which he also revealed that not only was the app on Mac devices vulnerable to attack, the “web server can do far more than just launch a Zoom meeting… [it] can also reinstall the Zoom app if a user has uninstalled it.” In response, Zoom released a patch on Tuesday, and to double up efforts, Apple pushed a silent Mac update to remove Zoom’s web server from Macs. 

The other big news this week is perhaps a signal of increased regulatory enforcements under the GDPR – a sign that the GDPR data breach fines regulators hinted at back in May are starting. This week the UK’s Information Commissioner’s Office issued a double-whammy in intentions to issue fines to two organizations: a $123M fine to Marriott for a November 2018 data breach, and a $230M fine to British Airways for an incident that was first disclosed in September 2018., "When you are entrusted with personal data, you must look after it.” Said Information Commissioner Elizabeth Denham. “Those that don't will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights."

If you’d like to share what privacy and data breach news is currently on your radar, we would love to hear from you at info@radarfirst.com.

Topics: Incident Response Management, Breach Notification Laws, Industry Trends