IT Security & Privacy

LastPass Fined £1.2 Million After UK Data Breach Exposes 1.6 Million Users

The UK Information Commissioner’s Office (ICO) has fined password manager provider LastPass £1.2 million following a 2022 data breach that exposed the personal information of up to 1.6 million UK users, concluding that the company failed to implement sufficiently robust security measures despite offering a service designed to improve online security.

DORA Reshapes Cyber Testing as Italy Updates TIBER-IT Guide

Italy’s financial regulators are updating the rulebook on how banks, insurers, and other financial institutions stress-test their cyber defenses, as the EU’s Digital Operational Resilience Act moves from theory to day-to-day supervision.

Coupang Leadership Shifts After Major Data Breach Unsettles South Korea

Coupang is facing one of the most consequential cybersecurity crises in South Korea’s recent history, prompting Chief Executive Park Dae-jun to resign as the company works to contain the fallout, the Wall Street Journal first reported.

OpenAI Flags Rising Cyber Threat as Next-Generation Models Advance

OpenAI is cautioning that its next wave of frontier AI systems is on track to reach “high” cybersecurity risk levels, a threshold the company says would meaningfully increase the number of people capable of executing sophisticated cyberattacks. The warning comes in a new internal assessment that was shared with Axios.

AI’s Data Appetite Is Now a Compliance Risk

AI is excellent at both looking confident and eating data like it’s at an all-you-can-eat buffet. And while that’s great for accuracy and shiny demos, it’s a little less great for privacy teams who now have to explain to regulators why a training dataset suddenly includes customer chats, location trails, or that folder someone swore was anonymized.

Australia’s Privacy Regulator Takes Aim at In-Person Data Collection Practices in End-of-Year Crackdown

Beginning the first week of January, the Office of the Australian Information Commissioner (OAIC) will launch its first compliance sweep examining how everyday businesses handle personal information they request directly from customers. Real estate agents at weekend house tours, pharmacy counters offering paperless receipts, and car rental desks asking for IDs are among the common touchpoints now under heightened scrutiny.

Millions Gain Stronger Online Privacy Controls as ICO’s Cookie Crackdown Pays Off

After months of pressure on website operators, the Information Commissioner’s Office says more than 95% of the UK’s top 1,000 most-visited websites now meet legal requirements when asking users to consent to advertising cookies. It’s a shift the regulator estimates has given roughly 40 million people, about 80% of the population over 14, a much more meaningful say over how companies can track their browsing for targeted ads.