Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Disclose a data breach?

  • 20-10-2024 11:48am
    #1
    irishgeo
    Registered Users, Registered Users 2 Posts: 9,604 ✭✭✭


    I have come across some GDPR data on the internet while doing some security research. I have identified the company its from in Ireland.

    What's the best way to disclose this data breach etc?

    If anyone has any advice please let me know via PM?



Comments

  • #2
    ItHurtsWhenIP
    Registered Users, Registered Users 2 Posts: 2,116 ✭✭✭ItHurtsWhenIP


    Check the company's website for a privacy statement (data protection notice) and see if they list an email address for data protection matters and notify them that way.

    If nothing there, they are unlikely to have a security.txt file on their site, but no harm in checking for one anyway. It might list their disclosure contact details.

    https://securitytxt.org/

    If all else fails try their info@, hello@ or whatever general contact email they list of their site or through a "Contact us" form.

    These are the steps that Troy Hunt of Have I Been Pwned usually carries out, when he gets his hands on a data breach.

    If none of the above work, fire a report into the Data Protection Commission. They'll eventually get around to looking into it.



  • #3
    irishgeo
    Registered Users, Registered Users 2 Posts: 9,604 ✭✭✭irishgeo


    https://www.boards.ie/discussion/comment/122742042#Comment_122742042

    Thanks. They have a data protection email address which i have emailed so lets see what comes out of that. It is not so much a data breach more they left something open to the internet.



Advertisement