Dating Site Users Hit With Sexually Explicit Spam
Posted by: Timothy Weaver on 05/09/2017 09:21 AM
[
Comments
]
Users of a U.K. dating website, Guardian Soulmates, have been receiving sexually explicit spam employing snippets of their own personal details drawn from their profiles.
The breach and exposure of personal information is being attributed by the site owners, Guardian News & Media, to "human error" by a third-party technology provider.
So far, 27 subscribers presented evidence that their accounts had been compromised. However, Guardian stated that only email addresses and user IDs had been exposed directly.
“Guardian Soulmates hasn't proven to be a good guardian of its customers' data," Sarah Stephens, head of cyber, media and E&O at JLT Specialty, stated on Tuesday. "As is often the case with data breaches, it is the third-party technology provider that has proven to be the source of the attack and in this case it appears that human error, which remains the top cause of incidents by a significant margin, is also to blame."
Stephens went on to explain. "We estimate that less than a quarter of companies around the world have a mature, well-tested cyber incident response plan and capability."
When it comes to responses by companies, Stephens said: "Next year, the EU General Data Protection Regulation will pass into national legislation mandating notification of data breach incidents within 72 hours. This will further raise the need for companies to readdress their response capabilities, particularly in light of the prohibitive fines at the commissioners' disposal (four percent of global turnover or EUR 20 million – whichever is larger).”
Source: SCMagazine
The breach and exposure of personal information is being attributed by the site owners, Guardian News & Media, to "human error" by a third-party technology provider.So far, 27 subscribers presented evidence that their accounts had been compromised. However, Guardian stated that only email addresses and user IDs had been exposed directly.
“Guardian Soulmates hasn't proven to be a good guardian of its customers' data," Sarah Stephens, head of cyber, media and E&O at JLT Specialty, stated on Tuesday. "As is often the case with data breaches, it is the third-party technology provider that has proven to be the source of the attack and in this case it appears that human error, which remains the top cause of incidents by a significant margin, is also to blame."
Stephens went on to explain. "We estimate that less than a quarter of companies around the world have a mature, well-tested cyber incident response plan and capability."
When it comes to responses by companies, Stephens said: "Next year, the EU General Data Protection Regulation will pass into national legislation mandating notification of data breach incidents within 72 hours. This will further raise the need for companies to readdress their response capabilities, particularly in light of the prohibitive fines at the commissioners' disposal (four percent of global turnover or EUR 20 million – whichever is larger).”
Source: SCMagazine
Comments
