Hong Kong's privacy watchdog reported that Oxfam, the local arm of an international charity, breached data protection laws after a data leak in July 2022 potentially affecting 550,000 individuals. The investigation highlighted several failures in Oxfam's data protection measures, including outdated firewall security, lack of multi-factor authentication, and poor data retention policies. Privacy Commissioner Ada Chung emphasized that Oxfam did not take all practicable steps necessary to safeguard personal information against unauthorized or accidental access, thus leading to the significant breach.
Oxfam violated data protection laws after a breach in July 2022 that affected 550,000 individuals, according to Hong Kong's privacy watchdog.
The privacy commissioner stated that Oxfam did not take sufficient measures to protect personal data from unauthorized access or loss.
Investigation revealed critical vulnerabilities due to outdated firewalls, failure to implement multi-factor authentication, and excessive retention of personal data.
Oxfam's information security policy was criticized for lacking specificity, contributing to the data protection violations.
Collection
[
|
...
]