It’s October and time once again to look back at the previous month’s key headlines. Cyber security news Sep 2022 features a series of hacking incidents against well-known brands. We then cover an ICO update on organisations failing to deal with Subject Access Requests (SARs). Finally, we look at another huge cyber-attack which affected millions of people in Australia.

September 2022, a month for the hackers

Various news outlets reported a series of high-profile hacks in September. This Guardian piece detailed how a hacker leaked 50 minutes of footage from Grand Theft Auto 6. Uber was the victim of a hack too, with internal communications and engineering systems compromised. US School app Seesaw was also targeted successfully, as hackers shared an inappropriate image on the platform.

Why are there so many cyber-attacks taking place? These incidents have grown steadily in recent years, a by-product of the proliferation of digital platforms, services and devices. Cyber-criminals are constantly evolving and developing their tactics. Cyber security is still not prioritised as much as it should be – the reasons go on and on.

What can you and your organisation do to stay safe? First and foremost, ensure you and your staff are cyber aware. Never doubt that you could be a potential target. Make sure you are embracing the basics or better – implement and then maintain a robust cyber security strategy.

The ICO takes action against 7 organisations who failed to respond to SARs

A SAR – a Subject Access Request – must be responded to within 1-3 months. Individuals have the right to access and receive copies of their personal data held by an organisation. SARs enable them to achieve this and if ignored, then this is deemed to be a breach of the Data Protection Act and UK GDPR.

This article from the ICO reveals further details on the 7 organisations found to be in breach, going so far as to name them:

  • Ministry of Defence (MoD)
  • Home Office
  • London Borough of Croydon
  • Kent Police
  • London Borough of Hackney
  • London Borough of Lambeth
  • Virgin Media

All have been issued with reprimands as a minimum, with improvements then also required from each in the next 3-6 months.

Do you have any outstanding SARs? Do you have the right framework in place to deal with SARs? If not, then CRIBB Cyber Security can help. Our Data Protection Officer (DPO ) services are available for any organisation who requires a DPO. If you are unsure if this is you, then our Data Protection Officer FAQs article may help.

Huge cyber-attack steals personal data from 40% of the Australian population

Towards the end of the month, it was revealed that a cyber-attack on telecommunications giant Optus had taken place. This BBC piece details how a data breach occurred in a sophisticated attack against Australia’s second-largest telecoms provider.

Data was stolen from around 2.8 million people and included names, birthdates, home addresses, phone and email contacts, plus passport and driving licence numbers.

That is all for cyber security news Sep 2022 – what do you think of our latest selection?