Data such as names, dates of birth, National Insurance numbers and radiation doses for over a thousand people working for the Welsh NHS was stolen from a private contractor. While the breach was discovered back in October, it was not reported until January. Frankly, long delays like this in reporting is unacceptable. People need to know if their data is exposed so they can protect themselves.
Let this also be a lesson about the importance of 3rd party security and the risk you take when allowing data to be stored/used/collected by contractors or other 3rd parties.
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec