Hundreds of Irish customers’ home addresses and emails – which may be linked to other online accounts – were leaked online by cosmetics and pharmaceutical giant Johnson & Johnson.
To take advantage of a promotion for Aveeno moisturiser, Johnson & Johnson asked customers to fill in an online form. The form was checked against a text file of individuals who had already signed up, in order to prevent people from getting more than one free sample, but this file was then accidentally published online.
With the General Data Protection Regulation (GDPR) coming into force in four months, this breach highlights the importance of ensuring customer data is handled correctly at all stages of processing, and that vendor management and all third parties handling personal data have the correct procedures in place to keep this data secure.
Attend our certified GDPR training courses in Cork, Dublin or Galway to find out how to ensure your vendors and supply chain will stand up to the Regulation. Book now to avoid disappointment >>