IT Security & Privacy

In a move as timely as a life-saving intervention, the European Union Agency for Cybersecurity, ENISA, has set its sights on strengthening the digital defenses of Europe's healthcare systems. With hospitals and healthcare providers increasingly targeted by cyberattacks, the European Commission's proposed Action Plan for Healthcare Cybersecurity couldn’t be more urgent. ENISA has pledged to collaborate with Member States, healthcare providers, and the wider cybersecurity community to address this pressing challenge.

It’s the kind of scenario that sounds like a privacy nightmare. You’re driving your car, thinking you’re just using a standard service like navigation or emergency assistance, only to later discover that every movement you make—your precise location, your driving behavior—has been quietly tracked and sold without your knowledge or consent. That’s exactly what the Federal Trade Commission (FTC) is accusing General Motors (GM) and its OnStar service of doing.

If you’ve ever felt a pang of anxiety about whether your web hosting service is keeping your data safe, the Federal Trade Commission (FTC) is here to validate those fears. Today, the FTC announced a proposed settlement with GoDaddy, one of the world’s largest web hosting companies, after accusing it of leaving the digital backdoor wide open for cybercriminals—and misleading its customers about the state of its security.

The Federal Trade Commission (FTC) has recently banned data broker Mobilewalla Inc. from selling sensitive location data. The settlement, finalized this week, not only reprimands the company’s questionable practices but also sends a strong message about the importance of consumer consent in the digital age.

Picture this: a casual round of Candy Crush, a swipe through a dating app, or even the quiet tracking of a pregnancy journey. For millions of users, these seemingly harmless digital interactions may have just become part of a cyber nightmare. Last week, Gravy Analytics, a major location data broker, revealed a data breach that could have leaked precise location data from popular mobile apps, exposing users' private movements—and potentially sensitive locations like military bases and government buildings.

In a sweeping enforcement action led by a group of state financial regulatory agencies, Bayview Asset Management LLC and three affiliates—Lakeview Loan Servicing, Community Loan Servicing, and Pingora Holdings—will pay a $20 million penalty for deficient cybersecurity practices and non-compliance with state supervisory demands.

In an age where your digital footprint stretches further than your shadow, Denmark’s Data Protection Authority (DPA) is stepping up with a bold plan for 2025. Think of it as a privacy playbook—not just for tech companies or lawmakers, but for everyone navigating the delicate balance between innovation and individual rights.