IT Security & Privacy

The French Data Protection Authority (CNIL) has imposed a fine of 600,000 euros on GROUPE CANAL+, a prominent producer and distributor of pay television offers, for multiple violations of the General Data Protection Regulation (GDPR) and the French Post and Electronic Communications Code (CPCE). The fine comes as a result of various breaches, particularly in terms of commercial prospecting and individual rights.

Okta, a leading security technology provider for various organizations, has recently revealed that one of its customer service tools was compromised in a security breach. The hacker leveraged stolen credentials to access the company's support case management system and view files uploaded by certain customers. Okta's Chief Security Officer, David Bradbury, disclosed this breach in a securities filing. Fortunately, Okta emphasized that the affected system is distinct from its primary client platform, which remained secure.

The U.S. government's federal chief information security officer, Chris DeRusha, has cautioned federal agencies to exercise prudence when delving into the realm of generative artificial intelligence (AI). Speaking at a FAIR Institute conference of cybersecurity and risk managers, DeRusha emphasized the need to address risks associated with this technology before wholeheartedly embracing it.

As technology weaves itself into the fabric of modern business operations, the ever-evolving landscape of risks poses an ongoing challenge. The findings of the 11th annual Global Technology Audit Risks Survey, conducted by Protiviti in collaboration with The Institute of Internal Auditors (IIA), shed light on the pressing concerns occupying the minds of IT auditors and technology professionals.

Britain's financial watchdog, the Financial Conduct Authority (FCA), has imposed an £11 million ($13.4 million) fine on Equifax Ltd, the consumer credit rating company, for its role in one of the most significant cybersecurity breaches in history.

Genetics test-kit company 23andMe is now grappling with a class action lawsuit in the wake of a recent data breach. The plaintiffs argue that 23andMe's notification regarding the breach was inadequate, failing to provide essential information, including details about the containment of the threat and the breach's root cause.

In a troubling déjà vu for Spanish airline Air Europa, the company has fallen victim to yet another cyberattack, this time targeting its online payment system. The breach has resulted in the exposure of customers' credit card details, raising concerns over the airline's cybersecurity protocols and the safety of sensitive customer information.