Skip to main content

Tag: data protection

478 articles

third-party breaches: Stunning, Risky Wake-Up Call

third-party breaches: Stunning, Risky Wake-Up Call

Stellantis warns a third‑party supplier may have exposed customer personal data, leaving millions wondering what may actually means. Customers deserve clear answers about who was affected, what was leaked, and what protections will be offered.

Analyst 207
artificial intelligence: Must-Have or Risky for Banks

artificial intelligence: Must-Have or Risky for Banks

UK banks are sprinting to unlock AI’s productivity and customer‑service gains while racing to prevent unvetted public models from exposing millions of customers, pushing firms to build private registries, tighter governance, and controlled sandboxes. The big question: can they innovate fast enough to reap AI’s benefits while keeping regulators and customers confident their data is safe?

Analyst 207
New York Blood Center Must-Read: Critical Data Risk

New York Blood Center Must-Read: Critical Data Risk

About 194,000 people were affected when the New York Blood Center disclosed a breach exposing Social Security numbers, IDs, bank details and in some cases health information — a stark reminder that even trusted health organizations can become targets. If you were notified, enroll in offered monitoring, watch your accounts closely, and tighten passwords and fraud protections now.

Analyst 207
API security: Must-Have Defenses Against Risky Breaches

API security: Must-Have Defenses Against Risky Breaches

Thales’ report of 40,000+ API incidents in H1 2025 shows APIs have gone from a niche technical risk to a boardroom emergency — attackers are automating probes, scraping data and abusing business logic at scale. Now’s the moment to move API security from a checkbox to a strategic priority with discovery, fine‑grained auth, rate limiting and runtime protection.

Analyst 207
serious cyber incidents: Crucial Risky One-Hour Rule

serious cyber incidents: Crucial Risky One-Hour Rule

China’s new one-hour rule forces network operators to report “serious” cyber incidents almost instantly — a move that could speed containment and national coordination but also forces painful trade-offs between accuracy, privacy and operational reality.

Analyst 207
Identity Governance and Administration: Stunning Best Guide

Identity Governance and Administration: Stunning Best Guide

Who has the keys? Identity Governance and Administration puts that question to rest by giving you centralized visibility into who can access what, why they have it, and when to revoke it — so you can reduce risk, streamline onboarding, and prove compliance.

Analyst 207
Online Safety Act: Must-Have Reforms or Risky Overreach

Online Safety Act: Must-Have Reforms or Risky Overreach

As the House of Lords quizzes campaigners and experts on Ofcom’s tighter Online Safety Act guidance, peers must weigh protecting children from real harms against the risk of costly, privacy‑eroding rules that could stifle speech and small platforms. Their scrutiny could reshape how the UK balances safety, free expression and innovation — with real consequences for families, tech firms and regulators alike.

Analyst 207
data destruction: Must-Have Guide to Avoid Risky Fines

data destruction: Must-Have Guide to Avoid Risky Fines

Upgrading hardware? Improperly decommissioned SSDs and laptops can leave recoverable data that leads to fines, lawsuits and reputational damage—follow media-specific sanitization, certified destruction and auditable disposal practices to avoid costly penalties.

Analyst 207
script kiddie Risky Trend: Must-Have Parental Guide

script kiddie Risky Trend: Must-Have Parental Guide

Think a school outage means a shadowy hacker? More often it’s curious teens — the ICO says students cause over half of school cyberattacks — so parents can steer curiosity into clubs, supervised learning, and clear conversations about ethics before experimentation becomes real harm.

Analyst 207
data breaches in schools: Urgent Exclusive Warning

data breaches in schools: Urgent Exclusive Warning

A new ICO warning shows student hacks are increasingly exposing sensitive school data and could be training tomorrow’s cybercriminals. Schools urgently need practical security upgrades, ethics lessons and better funding to protect pupils and restore parental trust.

Analyst 207
student data Shocking Risky Exposure in School Email

student data Shocking Risky Exposure in School Email

A routine flu jab email at a Birmingham secondary school accidentally exposed personal details for hundreds of students, leaving parents alarmed and prompting urgent questions about data handling. The blunder shows how simple communication mistakes can erode trust—and why schools and health providers need stronger safeguards and clearer, safer ways to share information.

Analyst 207
SAP NetWeaver Must-Have Patch: Critical Risk Fix

SAP NetWeaver Must-Have Patch: Critical Risk Fix

SAP released urgent patches for critical NetWeaver and S/4HANA flaws — including a CVSS 10.0 deserialization bug that can enable remote code execution — so teams should quickly identify affected systems and apply fixes or mitigations.

Analyst 207
fitness call recordings: Stunning Privacy Risk

fitness call recordings: Stunning Privacy Risk

Imagine your gym keeping 1.6 million unprotected call recordings—names, payment details and even voiceprints—on an open database anyone could access. This wake‑up call shows how easily convenience becomes a privacy disaster unless companies encrypt, limit retention and lock down access now.

Analyst 207
SAP S/4HANA vulnerability: Critical Risky Threat

SAP S/4HANA vulnerability: Critical Risky Threat

A critical SAP S/4HANA vulnerability (CVE-2025-42957) is already being exploited in the wild, turning routine patching into an urgent race. Inventory exposed systems, apply mitigations or patches now, and hunt for signs of compromise before attackers reach your finance and HR systems.

Analyst 207
JLR cyberattack: Exclusive Risky Extortion Claim

JLR cyberattack: Exclusive Risky Extortion Claim

Jaguar Land Rover is probing claims by a group calling itself Scattered Spider that it stole data and issued an extortion demand. The incident highlights growing cyber risks for automakers — from customer privacy to vehicle software and supply-chain vulnerabilities.

Analyst 207
live facial recognition: Risky Exclusive Retail Trial

live facial recognition: Risky Exclusive Retail Trial

Sainsbury’s is trialling live facial recognition in two stores to catch repeat shoplifters, promising reduced losses and safer staff—but privacy advocates warn it’s intrusive, error-prone and could normalize constant surveillance. Will a few prevented thefts justify scanning shoppers’ faces, or will public concern and regulation redraw the line?

Analyst 207
cookie privacy failures: Stunning Harsh Fines Exposed

cookie privacy failures: Stunning Harsh Fines Exposed

France’s privacy watchdog hit Google and SHEIN with big fines for dropping tracking cookies and serving ads without proper consent — a wake-up call that could reshape online advertising and give users real control over their data.

Analyst 207
data leaks: Must-Have Critical Detection Tips

data leaks: Must-Have Critical Detection Tips

A single exposed ClickHouse instance showed how quiet misconfigurations can hand attackers the breadcrumbs they need; detecting leaks early turns that slow-burning risk into a manageable incident. Start with inventory, automated scans, and clear playbooks to stop a minor misstep from becoming a full-blown disaster.

Analyst 207
cyber incident: Stunning Risky Blow to Jaguar Sales

cyber incident: Stunning Risky Blow to Jaguar Sales

A recent cyber incident forced Jaguar to take IT systems offline, halting production and leaving workers home and customers wondering about deliveries. It’s a clear reminder that modern, connected factories can be brought to their knees by digital attacks — with real costs to sales, jobs and reputation.

Analyst 207
exposed Ollama servers: Risky Must-Have Security Fix

exposed Ollama servers: Risky Must-Have Security Fix

Cisco Talos found 1,100+ publicly exposed Ollama servers, creating easy paths for data theft, malicious model swaps, and other abuse. It’s a wake-up call to fix misconfigurations, enforce authentication, and make secure defaults the norm.

Analyst 207
restaurant robots: Shocking Security Risks Exposed

restaurant robots: Shocking Security Risks Exposed

A researcher known for probing McDonald’s systems found Pudu Robotics left administrative controls wide open, letting attackers redirect delivery bots and issue arbitrary commands. Restaurants, hotels and regulators need to act now to secure these ubiquitous machines before misuse causes safety, privacy or reputational harm.

Analyst 207
generative AI Stunning Risky Ban Divides Web

generative AI Stunning Risky Ban Divides Web

Vivaldi CEO Jon von Tetzchner drew a line in the sand by banning generative AI agents from browsing the web, arguing automation undermines consent, copyright and publishers’ income. The move reignites a crucial debate over who gets to shape the future of the open web.

Analyst 207
systemic failures: Stunning $97M fine signals severe risk

systemic failures: Stunning $97M fine signals severe risk

SK Telecom was slapped with a record ₩134.5 billion (≈$97M) fine after regulators found basic security blunders that left internal networks exposed — a sharp reminder that weak segmentation and access controls can turn routine services into a breach gateway. The penalty is meant to punish the lapses and push the industry toward stronger, lasting protections for user data.

Analyst 207
Church of England Shocking Data Leak: Damaging Trust Breach

Church of England Shocking Data Leak: Damaging Trust Breach

A London law firm’s mass-email blunder exposed nearly 200 Church of England abuse survivors, shredding fragile trust and reigniting fears about privacy and stigma. Survivors are asking for concrete, survivor-led fixes—independent audits, better tech and trauma‑informed protections—if an apology is to mean anything.

Analyst 207