YandaB
Newbie
Sorry for another WHS thread but I think that this is important and would like other people's opinons. I am being invited on our IG platform to consent to my data (DOB, name and email) to be shared with the WHS.
Given that the state of the project is, imho, poor, in that with 1 week to go they are still changing basic fundamentals (CSS inclusion) and others things are still unknown (what happens if only an initial handicap has been given CONGU or desloped CONGU) to name but a couple of issues, what are the views on the likely safety of our data? I know that GDPR says that they must keep it safe but there is no indication of how well they are set up to do that.
I wonder how much mishief a bad actor can get up to with name, email and DOB, is that enough to open bank accounts, credit cards etc? What other nefarious activities might they get up to? Then that needs to be balanced with what probability someone can hack into a database with a very significant number of records (the more records there are, the higher the chance of someone trying I suppose). I'm sure that at work the IT department do rigorous Security Risk Assessments looking at all sorts of standards and security controls to ensure that data is kept safe. Is that relevant here? Should we be told?
Bottom line is, how safe is our data really going to be? Fixing an identityf theft problem after it's happened is really difficult as I understand it.
Just feeling a little nervous (especially after a recent incident where our local kids football website was hacked) and not sure where I go for re-assurance.
Given that the state of the project is, imho, poor, in that with 1 week to go they are still changing basic fundamentals (CSS inclusion) and others things are still unknown (what happens if only an initial handicap has been given CONGU or desloped CONGU) to name but a couple of issues, what are the views on the likely safety of our data? I know that GDPR says that they must keep it safe but there is no indication of how well they are set up to do that.
I wonder how much mishief a bad actor can get up to with name, email and DOB, is that enough to open bank accounts, credit cards etc? What other nefarious activities might they get up to? Then that needs to be balanced with what probability someone can hack into a database with a very significant number of records (the more records there are, the higher the chance of someone trying I suppose). I'm sure that at work the IT department do rigorous Security Risk Assessments looking at all sorts of standards and security controls to ensure that data is kept safe. Is that relevant here? Should we be told?
Bottom line is, how safe is our data really going to be? Fixing an identityf theft problem after it's happened is really difficult as I understand it.
Just feeling a little nervous (especially after a recent incident where our local kids football website was hacked) and not sure where I go for re-assurance.
