Tag: data protection
478 articles

third-party breaches: Stunning, Risky Wake-Up Call
Stellantis warns a third‑party supplier may have exposed customer personal data, leaving millions wondering what may actually means. Customers deserve clear answers about who was affected, what was leaked, and what protections will be offered.

artificial intelligence: Must-Have or Risky for Banks
UK banks are sprinting to unlock AI’s productivity and customer‑service gains while racing to prevent unvetted public models from exposing millions of customers, pushing firms to build private registries, tighter governance, and controlled sandboxes. The big question: can they innovate fast enough to reap AI’s benefits while keeping regulators and customers confident their data is safe?

New York Blood Center Must-Read: Critical Data Risk
About 194,000 people were affected when the New York Blood Center disclosed a breach exposing Social Security numbers, IDs, bank details and in some cases health information — a stark reminder that even trusted health organizations can become targets. If you were notified, enroll in offered monitoring, watch your accounts closely, and tighten passwords and fraud protections now.

API security: Must-Have Defenses Against Risky Breaches
Thales’ report of 40,000+ API incidents in H1 2025 shows APIs have gone from a niche technical risk to a boardroom emergency — attackers are automating probes, scraping data and abusing business logic at scale. Now’s the moment to move API security from a checkbox to a strategic priority with discovery, fine‑grained auth, rate limiting and runtime protection.

serious cyber incidents: Crucial Risky One-Hour Rule
China’s new one-hour rule forces network operators to report “serious” cyber incidents almost instantly — a move that could speed containment and national coordination but also forces painful trade-offs between accuracy, privacy and operational reality.

Identity Governance and Administration: Stunning Best Guide
Who has the keys? Identity Governance and Administration puts that question to rest by giving you centralized visibility into who can access what, why they have it, and when to revoke it — so you can reduce risk, streamline onboarding, and prove compliance.

Online Safety Act: Must-Have Reforms or Risky Overreach
As the House of Lords quizzes campaigners and experts on Ofcom’s tighter Online Safety Act guidance, peers must weigh protecting children from real harms against the risk of costly, privacy‑eroding rules that could stifle speech and small platforms. Their scrutiny could reshape how the UK balances safety, free expression and innovation — with real consequences for families, tech firms and regulators alike.

data destruction: Must-Have Guide to Avoid Risky Fines
Upgrading hardware? Improperly decommissioned SSDs and laptops can leave recoverable data that leads to fines, lawsuits and reputational damage—follow media-specific sanitization, certified destruction and auditable disposal practices to avoid costly penalties.

script kiddie Risky Trend: Must-Have Parental Guide
Think a school outage means a shadowy hacker? More often it’s curious teens — the ICO says students cause over half of school cyberattacks — so parents can steer curiosity into clubs, supervised learning, and clear conversations about ethics before experimentation becomes real harm.

data breaches in schools: Urgent Exclusive Warning
A new ICO warning shows student hacks are increasingly exposing sensitive school data and could be training tomorrow’s cybercriminals. Schools urgently need practical security upgrades, ethics lessons and better funding to protect pupils and restore parental trust.

student data Shocking Risky Exposure in School Email
A routine flu jab email at a Birmingham secondary school accidentally exposed personal details for hundreds of students, leaving parents alarmed and prompting urgent questions about data handling. The blunder shows how simple communication mistakes can erode trust—and why schools and health providers need stronger safeguards and clearer, safer ways to share information.

SAP NetWeaver Must-Have Patch: Critical Risk Fix
SAP released urgent patches for critical NetWeaver and S/4HANA flaws — including a CVSS 10.0 deserialization bug that can enable remote code execution — so teams should quickly identify affected systems and apply fixes or mitigations.

fitness call recordings: Stunning Privacy Risk
Imagine your gym keeping 1.6 million unprotected call recordings—names, payment details and even voiceprints—on an open database anyone could access. This wake‑up call shows how easily convenience becomes a privacy disaster unless companies encrypt, limit retention and lock down access now.

SAP S/4HANA vulnerability: Critical Risky Threat
A critical SAP S/4HANA vulnerability (CVE-2025-42957) is already being exploited in the wild, turning routine patching into an urgent race. Inventory exposed systems, apply mitigations or patches now, and hunt for signs of compromise before attackers reach your finance and HR systems.

JLR cyberattack: Exclusive Risky Extortion Claim
Jaguar Land Rover is probing claims by a group calling itself Scattered Spider that it stole data and issued an extortion demand. The incident highlights growing cyber risks for automakers — from customer privacy to vehicle software and supply-chain vulnerabilities.

live facial recognition: Risky Exclusive Retail Trial
Sainsbury’s is trialling live facial recognition in two stores to catch repeat shoplifters, promising reduced losses and safer staff—but privacy advocates warn it’s intrusive, error-prone and could normalize constant surveillance. Will a few prevented thefts justify scanning shoppers’ faces, or will public concern and regulation redraw the line?

cookie privacy failures: Stunning Harsh Fines Exposed
France’s privacy watchdog hit Google and SHEIN with big fines for dropping tracking cookies and serving ads without proper consent — a wake-up call that could reshape online advertising and give users real control over their data.

data leaks: Must-Have Critical Detection Tips
A single exposed ClickHouse instance showed how quiet misconfigurations can hand attackers the breadcrumbs they need; detecting leaks early turns that slow-burning risk into a manageable incident. Start with inventory, automated scans, and clear playbooks to stop a minor misstep from becoming a full-blown disaster.

cyber incident: Stunning Risky Blow to Jaguar Sales
A recent cyber incident forced Jaguar to take IT systems offline, halting production and leaving workers home and customers wondering about deliveries. It’s a clear reminder that modern, connected factories can be brought to their knees by digital attacks — with real costs to sales, jobs and reputation.

exposed Ollama servers: Risky Must-Have Security Fix
Cisco Talos found 1,100+ publicly exposed Ollama servers, creating easy paths for data theft, malicious model swaps, and other abuse. It’s a wake-up call to fix misconfigurations, enforce authentication, and make secure defaults the norm.

restaurant robots: Shocking Security Risks Exposed
A researcher known for probing McDonald’s systems found Pudu Robotics left administrative controls wide open, letting attackers redirect delivery bots and issue arbitrary commands. Restaurants, hotels and regulators need to act now to secure these ubiquitous machines before misuse causes safety, privacy or reputational harm.

generative AI Stunning Risky Ban Divides Web
Vivaldi CEO Jon von Tetzchner drew a line in the sand by banning generative AI agents from browsing the web, arguing automation undermines consent, copyright and publishers’ income. The move reignites a crucial debate over who gets to shape the future of the open web.

systemic failures: Stunning $97M fine signals severe risk
SK Telecom was slapped with a record ₩134.5 billion (≈$97M) fine after regulators found basic security blunders that left internal networks exposed — a sharp reminder that weak segmentation and access controls can turn routine services into a breach gateway. The penalty is meant to punish the lapses and push the industry toward stronger, lasting protections for user data.

Church of England Shocking Data Leak: Damaging Trust Breach
A London law firm’s mass-email blunder exposed nearly 200 Church of England abuse survivors, shredding fragile trust and reigniting fears about privacy and stigma. Survivors are asking for concrete, survivor-led fixes—independent audits, better tech and trauma‑informed protections—if an apology is to mean anything.