A Norwegian court has ruled against Meta Platforms, the parent company of Facebook and Instagram, allowing the country's data regulator, Datatilsynet, to continue imposing a fine for breaches of user privacy. Meta had sought a temporary injunction to halt the fine, but the court's decision is considered a significant victory for user privacy.
OpenAI, the organization behind the development of advanced AI models, including ChatGPT, faces a significant legal challenge as a complaint has been filed with Poland's Office for Personal Data Protection (DPA) alleging multiple violations of the General Data Protection Regulation (GDPR). Lukasz Olejnik, a privacy and security researcher at a law firm in Warsaw, filed the complaint, accusing OpenAI of breaching GDPR rules related to data processing, access, fairness, transparency, and personal privacy.
Freecycle, a well-known online forum dedicated to promoting the exchange of used items to reduce waste, has officially confirmed a major data breach that has affected more than 7 million of its users.
CloudNordic and AzeroCloud, two Danish hosting providers, have fallen prey to a devastating ransomware attack resulting in the loss of substantial customer data and the suspension of all services.
As great as the threat of data breaches and compromised network privacy from cyberattacks is for healthcare organizations, the threat to health and life of patients for an affected hospital responding to a ransomware attack is far greater.
A sophisticated and large-scale phishing campaign utilizing the EvilProxy phishing-as-a-service (PhaaS) infrastructure has been targeting Microsoft 365 users for the past six months, leading to numerous successful account takeovers. The campaign, which impacted over 100 organizations globally, predominantly focused on senior executives, with threat actors sending more than 120,000 phishing emails between March and June 2023.
Foreign companies operating within China are grappling with mounting concerns as the deadline looms for compliance with the Data Security Law (DSL) and the Personal Information Protection Law (PIPL). Since the enactment of these regulations two years ago, foreign firms have been reevaluating their positions due to the introduction of stricter rules concerning international personal data transfers and increased government access to data stored within the country.