A recent Cyber Attack which hit a large UK high street retailer has caused the data of many previous customers to be leaked.

The affected data included names, email addresses, phone numbers, order details and the final four digits of bank cards.

Whilst they claim that the affected data was limited, the data that was affected was years old. Data involved in the breach was related to online orders from between November 2018 and October 2020.

Despite the attack affecting only historical data, it only occurred in the last few days.

This attack raises the question of why data so old is still vulnerable to Cyber Attackers?

Businesses across the UK and European Union are legally obligated to comply with the General Data Protection Regulation (GDPR). One of the rules of this act is that data is not kept longer than necessary for the task it was collected for. This means that, by law, a company must destroy any data that is no longer strictly necessary for it to operate.

The data breached in the recent  attack was all historical order data, with the newest record being over 2 years old, it raises the question, was this data required to still be stored?

It is as vital that your business considers what data it holds as well as how it does to ensure security and compliance with Cyber Legislation.

To stay Cyber Wise, click here to get in touch.

Subscribe today to receive our latest updates!

Subscribe

Get in Touch Today!

Thank you for your message. It has been sent.
There was an error trying to send your message. Please try again later.

Related Posts

If you enjoyed reading this, please explore our other articles below:

Technology is no longer a tool; it is the lifeblood...
Read More
Imagine your IT infrastructure as a castle. The typical defences...
Read More
In the lightning-fast pace of today’s business landscape, organisational survival...
Read More
In Europe, the walled garden of Apple’s App Store is...
Read More
back to all posts