A cyberattack that quietly unfolded inside the systems of South Staffordshire Water for nearly two years has resulted in a hefty regulatory penalty and renewed scrutiny of cybersecurity standards across critical infrastructure providers in the UK.
California Attorney General Rob Bonta announced Friday that General Motors has agreed to a proposed $12.75 million settlement over allegations the company illegally sold the driving and location data of hundreds of thousands of Californians to third-party data brokers without consumers’ knowledge or consent.
Australia’s corporate regulator has issued one of its biggest cyber warnings yet, cautioning that the rapid rise of frontier artificial intelligence is fundamentally changing the threat landscape and putting pressure on financial institutions to strengthen their defenses before existing weaknesses are exposed at scale.
A suspected cyberattack involving the widely used learning platform Canvas is drawing growing scrutiny from privacy regulators after universities and college campuses in Norway began reporting potential exposure of student and institutional data linked to the incident.
Hungary’s data protection authority has opened an investigation into a major reported data leak involving Mediaworks Hungary Zrt., after hackers allegedly stole and published millions of files containing sensitive personal information on the dark web.
The Danish Data Protection Agency has ordered Aalborg Municipality to bring its handling of personal data into compliance with data protection rules, after an investigation found the municipality had failed to delete information it no longer had a legal basis to retain.
Ireland’s Data Protection Commission has opened a formal inquiry into Infinite Styles Services, the Irish entity of SHEIN, examining how it transfers the personal data of EU and EEA users to China.