Insights
-
M&S Cyber Attack Updates 2025: What Happened So Far?
Ransomware and cyberattacks are growing in both frequency and sophistication as the digital age develops. Having explored the UK Government’s approach to these new challenges previously, we have seen a recent explosion of ransomware attacks over the past few months, particularly targeting the British retail industry; most notably, the M&S cyber attack. Matt Hull, a…
-
Toyota Bank Polska Fined for GDPR Failings
Why was Toyota Bank Fined and how much? In early 2025, Toyota Bank Polska S.A. was hit with a significant fine by the Polish Data Protection Authority (UODO) for breaches of the General Data Protection Regulation (GDPR). The bank was penalised to the tune of PLN 576,220 (approximately £115,000) for two major failings: Lack of…
-
Is Shein breaking EU consumer laws?
Shein has rapidly grown into one of the world’s largest online fast fashion retailers, offering ultra-low prices and an ever-changing catalogue of trendy clothing. Its ability to produce and distribute garments at an unprecedented speed has made it a dominant force in the industry. However, this business model has come under scrutiny, particularly in the…
-
Recovering Deleted Digital Evidence with Digital Forensics
Why Digital Evidence Matters? As we already know, deleted doesn’t always mean gone forever—especially when it comes to digital evidence. Data loss can occur through various means such as cyberattacks, system failures, or human error, which accounts for about 29% of incidents, according to the Acronis Cyber Protection Week Global Report 2021. Alarmingly, around 30%…
-
Digital Accessibility Compliance for Organisations
Thursday, 15 May, is Global Accessibility Awareness Day (GAAD) and serves as a timely reminder that if your website, app, or platform isn’t usable by everyone, you are not just falling short on inclusion. You might be falling short on data protection compliance, too. It is easy to think of digital accessibility requirements as a…
-
Challenges in Due Diligence: Privacy Laws and Data Access
Respecting Boundaries: How can you navigate Privacy Law Challenges and Data Access Limitations in Due Diligence? In the world of due diligence, accurate, comprehensive information is paramount. Whether evaluating a potential business partner, assessing a company’s financial health, or uncovering potential legal risks, access to information is the foundation of informed decision-making. However, as privacy…
-
A DPO’s Guide to Password Protection
On World Password Day 2025, observed on May 1st, let’s reflect on one of our most basic yet crucial lines of defence: password protection. And let’s be honest, we’ve all been there… “Password123”, “pet’s name” or even default credentials such as “admin.” These practices significantly weaken your security posture and expose your organisation’s sensitive systems…
-
Handling Employee Health Data under GDPR and UAE PDPL
Employee health data is classified as special category data under the UK GDPR (Article 9) and sensitive personal data under the UAE PDPL; mishandling it can lead to legal, reputational, and financial consequences. With increasing scrutiny on data privacy, particularly concerning health conditions, organisations need to be vigilant when processing this sensitive information. World Health…
-
Is Signal App safe? Lesson from US Military Group Chat Breach
In March 2025, a major data breach shook Washington DC when a journalist was accidentally added to a secure Signal app messaging group. Signal, a platform celebrated for its encryption, was intended to facilitate private communications among high-ranking government officials. The group included Vice President JD Vance, Defence Secretary Pete Hegseth, and National Security Adviser…
-
HR’s Guide: Handling Religious Data & Eid Leave in GCC regions
With Ramadan coming to an end and Eid al-Fitr expected on 30/31 March 2025, and Eid ul-Adha on 6 June 2025, many organisations are considering how best to support Muslim employees. Flexible working hours, awareness of fasting, and time off for religious observances are often a focus for organisations. But one important area is frequently…
-
The Online Safety Act UK: A Comprehensive Guide 2025
The Online Safety Act UK introduces a comprehensive legal framework to improve online safety and reduce harm for both children and adults. With increasing concerns over illegal content, harmful material, and misinformation, the Act mandates stricter compliance measures for online service providers, including social media platforms, search engines, video-sharing services, and cloud storage providers. Enforced…
-
Ransomware Attacks in the UK: Government Action 2025
Ransomware Attacks in the UK: Trends Since 2020. The UK Government defines Ransomware Attacks as “malicious software which infects a victim’s computer and demands a ransom from them to give them back access to their system, for their data to be restored, and often for the hackers not to publish the victim’s data on the…
