Detailed information about the job performance of more than 900 Regus employees was accidentally published online after the co-working space provider conducted a review of its sales staff. 

Regus owner IWG commissioned the mystery shopping business, Applause, to audit its sales staff through covert filming using "spy pens" fitted with miniature cameras. The employee performance data was compiled into a spreadsheet listing the names and work addresses of hundreds of Regus sales managers along with reviews of their performance. 

However, the employee performance data was published to a page on the task management site Trello, which had been made public, allowing the files to leak into Google search results. According to the Telegraph, this was apparently due to accidentally setting the Trello board to 'public'. 

After learning of the incident, Regus took immediate action and removed the content from the external provider's site. A Regus spokesman claims that the company has "run an internal audit to confirm that there are no other unapproved third-party software tools being used in any client engagements."

NNT CTO Mark Kedgley recently told SC Media UK, "The GDPR teeth are already biting, with over €100 m (£83 m) in fines already issued across the EU since the 2018 legislation came into action. In the UK, it seems the ICO are still using fines sparingly to maximize the impact when they do, with BA made an example of last year with the threat of a £183 m fine for their security lapse." 

"The message to all businesses operating within the EU region is clear: breaches involving the exposure of personal information will cost you financially and in customer trust. The best advice is to review your internal security operations against the CIS Controls to maximize cyber defenses, and always make use of encryption where possible for personally identifiable information as a backstop, so that even in the event of a breach, the data is unusable."

Studies show that the majority of security incidents occur when the first six CIS Controls are lacking or are poorly implemented. That's why we've teamed up with the Center for Internet Security (CIS) to host a webinar detailing the first six CIS Controls - also called the Basic CIS Controls

Join us on Thursday, February 20 for our webinar and learn: 

- What are the first six CIS Controls?

- What are the CIS Controls implementation groups and which group does your organization fit in? 

- Where to start and what shortcuts to take?

Click here to register 

Read the full article here Regus suffers staff data breach via third party 

NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
NNT logo New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
email [email protected]
UK Office
NNT logo New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.