IT contractors should be checked to avoid theft of credit card details, says Eversheds
Paula Barrett, data privacy expert at Eversheds, has commented on the theft of almost half of all South Korea’s credit card details.
Referring to the recent Target breach, she said that reports of another large-scale security breach involving credit card data in South Korea can only add to mounting concerns about data security standards.
Barrett said: ‘In this instance, the threat seems to have come “from within”. It seems an errant contractor took advantage of their position. The ability of this contractor to copy this volume of financial data begs a lot of questions.
‘But, while the sheer scale of the breach has brought attention to this matter, the degree of access that IT contractors and staff have is all too often overlooked within many other businesses. In the UK, the Information Commissioner’s Office warned over the Christmas period of the need to be vigilant in relation to the use of temporary workers/contractors.’
She added that often the checks, controls and training that might be undertaken for full-time equivalents are not undertaken for contractors, even though the performance of their roles will often give them direct access to personal or confidential data.
Barrett continued: ‘Even if this is not payment card data, this vulnerability in the protection of personal data or confidential information should be addressed within data security and data protection compliance programmes. As in South Korea, in the UK that weakness could lead to investigation by local regulators, significant fines and damages claims.’
News from Eversheds
News from The Lawyer
Briefings from Eversheds
Technology acquisitions round-up — Facebook acquires LiveRail; Apple acquires Beats Electronics; and more
In this briefing, Eversheds sets out a choice pick of mergers and acquisitions from 2014 so far.
In Carewatch Care Services v Focus Caring Service and Others, Mr Justice Henderson had to consider the enforceability of standard post-termination restrictions.
Analysis from The Lawyer
A new breed of lawyer is smoothing the path for companies entering emerging or unstable jurisdictions
‘Exotic’ investors and opportunities for legal work beyond M&A feature in The Lawyer’s high-level roundtable debate on south-east Europe