Super fast and good response to data leak, stay alert though
The impact of the data leak at Nebu last week was huge. It was great to see how we very quickly got a picture of what was actually going on and how we immediately informed the customers and guided them where necessary. People really worked very hard to deal with this, hats off. Customer reactions also showed great appreciation for our approach.
Our own responsibility
In the end, the inconvenience to our customers was relatively limited. Although the data leak took place at a supplier of a supplier of a supplier, it is a good reason to re-examine our own behaviour. This is because of our own responsibility in this. Wolter took the opportunity during the monthly MR-Talk on Monday to reiterate this.
Spam, fishing, social engineering
For instance, if you have rights that not everyone has, you are guaranteed to be one of the first targets of potential hackers. The more rights you have, the more they can do with them once they get your password. So be alert to that. For instance, do not fall into the trap of keeping lists of passwords on your PC. And of course, stay alert to things like spam, fishing and social engineering.
Correct processing agreements
Always make good agreements with clients about what can be done with their data, based on correct processing agreements. Correct means that the correct processors are included, including any sub-processors, and all other agreements about data use.
Clear up data after use
In addition, you should not want to have more data than you really need. Having data brings obligations, but also risks. Clear up data after you have used it, do not leave it lying around in systems. Also, be very careful when using tools that are available on the internet, because before you know it you provide them with data that should not have been shared.