Most SA companies don't report employee data breaches

[Jan]

Shocking number of South African companies don't report employee data breaches

46% of South African companies prefer not to disclose data breaches in which their employees' personal information was leaked, according to Kaspersky's Employee Wellbeing 2021 report.

The cybersecurity solutions provider said that while high-profile data breaches were mainly associated with stealing customer information, personal employee data was also very popular with cybercriminals.

 

[JuliusSeizure]

Most of the time, it's ignorance of the consequences. They tend to just think its going to be harmless.

They view it as similar to the random trojan you get every now and then which does not do much.

 

[Johand]

Most employers don't give a flying pig about employee data when it comes to POPIA. Lot of effort on the client side, but once it comes to employee data they wave their hands and point to the employment contract and the POPIA reasonable processing exceptions even if it isn't minimized data collection.

My big bugbear is Mobile Device Management software that is semi-expected to be installed on your private phone that ends up shipping a lot of information to countries with no protection. Yet this software can tie your identity to health, sexual orientation or religion just by looking at the Apps installed on your phone. Even with location tracking disabled they collect information on WiFi networks which can be used to locate you.