Tag: gdpr
101 articles
Ukrainian Hacker Pleads Guilty in Conti Ransomware Case
Meet Oleksii Lytvynenko, a Ukrainian hacker who just pleaded guilty to his role in the notorious Conti ransomware case, which targeted over 1,000 victims worldwide and raked in a staggering $150 million in ransom payments. He's now facing up to 20 years in prison for his involvement.
WhatsApp Disrupts NSO Group's Spearphishing Campaign
WhatsApp has successfully shut down a sneaky phishing campaign by notorious spyware firm NSO Group, which tried to trick users into clicking malicious links to spy on them. The messaging giant is now asking a US court to hold NSO Group accountable for violating a ban on targeting users.
Meta Disrupts NSO Group's WhatsApp Phishing Campaign
Meta detected and blocked a sneaky WhatsApp phishing campaign linked to NSO Group, where attackers tried to trick people into clicking malicious links that led to external websites. The company also filed a contempt order against NSO for allegedly violating a court injunction by targeting WhatsApp users.
UK Water Supplier Fined $1.3M for Data Exposure Lapse
A UK water supplier has been slapped with a $1.3 million fine after a devastating cyber attack exposed the personal data of nearly 664,000 customers and employees, with sensitive information even being published on the dark web. The hefty penalty was reduced by 40% after the company admitted liability and cooperated with investigators.
Škoda Discloses Data Breach After Online Shop Hack
Škoda's online shop was recently hacked, exposing customer data after attackers exploited a vulnerability in the e-commerce software. The company has since fixed the issue, alerted authorities, and is working with a forensics team to investigate.
UK Water Firm Fines £1m for 2-Year Data Breach Alternatively: South Staffordshire Water Breach Exposes 633,000 Or: Data Regulator Fines South Staffordshire Water £1m Best option: South Staffordshire Water Hit with £1m Data Breach Fine
Proactive security is no longer a nicety, but a necessity - as South Staffordshire Water's £1m fine for a 2-year data breach exposing 633,000 individuals' personal info painfully illustrates. Waiting for a ransom note or performance issues to discover a breach simply isn't an option.
Meta Challenges Ofcom's Billion-Dollar Fine Formula
Meta is pushing back against Ofcom's hefty fine formula, calling it "disproportionate" and arguing that the regulator should ditch its practice of counting global revenue when doling out penalties. The tech giant is challenging the watchdog's approach, seeking a fairer way to calculate fines.
UK Age-Gating Plans Threaten Internet Openness, Privacy Groups Warn
Privacy groups, including EFF and Mozilla, are warning that UK age-gating plans could threaten the openness and freedom of the internet, stifling opportunities for individuals, businesses, and society as a whole. The proposed measures have sparked a joint public pushback from leading advocates for civil liberties and online rights.
Medtronic Faces Federal Lawsuits Over Recent Hack
Medtronic is facing a wave of federal lawsuits after a massive data breach exposed over 9 million records containing sensitive personal information, sparking concerns about the company's handling of customer data. The breach, attributed to the ransomware gang ShinyHunters, has left many questioning the vulnerability of medical device manufacturers to cyber threats.
UK Biobank Data Surfaces for Sale on Alibaba Amid Security Probe
UK Biobank data was mysteriously listed for sale on Alibaba, but thankfully, the listings were swiftly removed with the help of the UK and Chinese governments, and no sales were made. The sensitive data, which includes genomic information, health records, and medical imaging, had been shared with researchers but was de-identified to protect participants' identities.
EU Advances Mandatory Online Age Verification Despite Security Risks
The European Commission's recent findings have revealed that Meta failed to protect minors, with a staggering 12% of European children under 13 reportedly accessing Facebook or Instagram, sparking concerns over online safety. This has led to a push for mandatory online age verification, despite security risks.
Healthcare Sector Grapples with Rising Medical Device Cyberattacks
A staggering one in four healthcare organizations have fallen victim to cyberattacks that compromised their medical devices in the past year, posing a significant threat to patient care. This alarming trend highlights a pressing need for robust medical device cybersecurity measures to prevent delayed treatments and critical care interruptions.
Carnival Breach Exposes 7.5M Emails in Alleged ShinyHunters Hack
A massive data breach at Carnival Corporation has exposed a whopping 7.5 million emails, allegedly at the hands of the notorious ShinyHunters hack group, after failed negotiations between the two parties left customers' sensitive information vulnerable. The breach is said to have yielded terabytes of internal corporate data, sparking concerns for customers and the company behind Holland America Line.
Germany Revives ISP Data Retention Mandate Amid Privacy Concerns
Germany's government is pushing for a new law that would require internet service providers to store customer connection data for three months to help combat online crimes, sparking concerns about privacy. The proposed mandate, justified as a way to keep the digital space safe from criminals, has been approved by the national cabinet and now awaits parliamentary approval.
Rituals Discloses Data Breach Affecting Millions of Customers
Rituals recently discovered a data breach affecting millions of customers, compromising sensitive personal info like names, email addresses, and home addresses, but fortunately, no passwords or payment details were accessed. The company has since contained the incident, blocked unauthorized access, and notified authorities.
House Republicans Unveil National Data Privacy Bill
House Republicans have introduced the Secure Data Act, a groundbreaking national data privacy bill that puts Americans in control of their personal data and holds companies accountable for keeping it safe. The proposed law would give consumers the power to opt out of data collection for targeted ads, third-party sales, and automated decision-making.
Anthropic's Claude Desktop sparks EU consent concerns
Can a single app really reach into your other software without asking for permission? The surprising behavior of Anthropic's Claude Desktop for macOS is raising eyebrows and sparking concerns about consent under EU law.
EU Awards $213M Cloud Contract to Boost Digital Sovereignty
The European Union has taken a bold step towards digital independence with a $213 million cloud contract awarded to four European providers, marking a significant shift away from US tech dominance. This strategic move is set to bolster the EU's digital sovereignty.
Stryker Cyberattack Impacts Q1 Financials Amid Insurance Gap
A March cyberattack has dealt a double blow to global medtech giant Stryker, impacting its Q1 financials and highlighting a glaring vulnerability: the company lacks cyber insurance to cover the costs. Iranian hackers have publicly claimed responsibility for the incident, adding a complex layer to Stryker's already troublesome situation.
Booking.com Exposes Reservation Data Breach Risk
Did you know that a recent data breach at Booking.com may have exposed sensitive trip details, including your name, contact info, and private messages to hotels, to unknown attackers? This incident is a stark reminder that even major travel platforms can be vulnerable to data breaches, putting your personal info at risk.
Basic-Fit Discloses Data Breach Exposing Member Information
Basic-Fit, Europe's largest gym chain, has confirmed a data breach that exposed sensitive information, including bank details, for around one million customers, raising urgent concerns about data security and accountability. The breach, which resulted from a cyberattack, compromised names, addresses, dates of birth, and financial information, but thankfully did not involve password theft.
EngageLab SDK Flaw Compromises 50M Android Users
A security flaw in the EngageLab SDK has put a whopping 50 million Android users at risk, allowing apps on the same device to bypass Android's security sandbox and gain unauthorized access to sensitive information. This vulnerability, now patched, exposed cryptocurrency wallet users and others to potential data breaches.
Eurail Breach Compromises 300,000 Customer Records
A single misstep by Eurail B.V. has put the personal information of over 300,000 travelers at risk, following a massive data breach in December 2025 that exposed sensitive customer records. As we rely on digital services to plan our cross-border getaways, this breach forces us to confront the delicate balance between convenience and data security.
UK to Spend £630K on Digital ID Public Consultation Panel
The UK government is investing £630,000 in a people's panel to gather public feedback on its proposed digital identity scheme, aiming to address concerns and build trust in the new system. But will this hefty price tag buy genuine public engagement or just political cover?