GDPArrrrr: Using Privacy Laws to Steal Identities

Watch on YouTube

Show annotations




Genre: Travel & Events

Family friendly? Yes

Wilson score: 0.9745

Rating: 4.9599 / 5

Engagement: 0.0346%

Black Hat

Subscribe | 144K

Shared September 23, 2019

By James Pavur

On May 25, 2018 the European Union's General Data Protection Regulation (GDPR) came into effect, bringing with it the most expansive governmental effort to regulate data security and privacy to date. Among the GDPR's many provisions is the "Right of Access," which states that individuals have the right to access their personal data. This provision can be easily abused by social engineers to steal sensitive information that does not belong to them.

Full Abstract & Presentation Materials: