threat updates
UK
Public Health England (PHE) will keep personally
identifiable information collected by NHS Test and Trace of
people with COVID-19 symptoms for 20 years.
The privacy notice from PHE also says it will keep the
personally identifiable information collected on the
contacts of people with COVID-19, but who do not have
symptoms, for five years.
Youngjin Yoo, Project Lead of Sharetrace, said: “They may
be happy to offer the data now to prevent the wider spread
of the current pandemic, but why should it be held to
prevent a future pandemic that may never happen?”
GLOBAL
The team behind the Joomla open
source content management system
(CMS) has announced a security breach.
The incident took place after a member of the
Joomla Resources Directory (JRD) team left a full
backup of the JRD on an Amazon Web Services
S3 bucket owned by their own company.
Data potentially affected included full name,
business address, email and phone number.
In response to the news, Paul Edon, Senior Director Technical
Sales and Services (EMEA) at Tripwire, said: “Misconfigurations
actually lead to more breaches than exploited systems, but
organisations often don’t put the same effort into assessing
them as they do scanning for vulnerabilities.”
www.intelligentciso.com | Issue 26
25