IT contractors should be checked to avoid theft of credit card details, says Eversheds
Paula Barrett, data privacy expert at Eversheds, has commented on the theft of almost half of all South Korea’s credit card details.
Referring to the recent Target breach, she said that reports of another large-scale security breach involving credit card data in South Korea can only add to mounting concerns about data security standards.
Barrett said: ‘In this instance, the threat seems to have come “from within”. It seems an errant contractor took advantage of their position. The ability of this contractor to copy this volume of financial data begs a lot of questions.
‘But, while the sheer scale of the breach has brought attention to this matter, the degree of access that IT contractors and staff have is all too often overlooked within many other businesses. In the UK, the Information Commissioner’s Office warned over the Christmas period of the need to be vigilant in relation to the use of temporary workers/contractors.’
She added that often the checks, controls and training that might be undertaken for full-time equivalents are not undertaken for contractors, even though the performance of their roles will often give them direct access to personal or confidential data.
Barrett continued: ‘Even if this is not payment card data, this vulnerability in the protection of personal data or confidential information should be addressed within data security and data protection compliance programmes. As in South Korea, in the UK that weakness could lead to investigation by local regulators, significant fines and damages claims.’
News from Eversheds
News from The Lawyer
Briefings from Eversheds
Trade unions are increasingly using a relatively unknown TULRCA provision in negotiations with employers over changes to collectively agreed terms and conditions.
The notion of ‘gross negligence’ is an important matter for customers and institutions alike and has been reviewed by the High Court and Supreme Court in deciding a recent case.
Analysis from The Lawyer
‘Exotic’ investors and opportunities for legal work beyond M&A feature in The Lawyer’s high-level roundtable debate on south-east Europe
Could Slater & Gordon achieve its stated aim of becoming a top consumer brand by acquiring Pannone?