Texas Attorney General Ken Paxton has filed a lawsuit against industry titan General Motors (GM) over the company's alleged unlawful collection and sale of driver data. This action comes as part of a broader data privacy and security initiative launched by Paxton to aggressively enforce Texas privacy laws.
The UK's Information Commissioner's Office (ICO), the independent regulator for data protection and information rights, has launched a new online tool to simplify privacy notice creation for small businesses.
The Spanish Data Protection Agency (AEPD) has launched a sanction procedure against Uniqlo Europe, Ltd, Spanish Branch, following a significant data breach that occurred in August 2022. The incident came to light when a former employee filed a complaint on March 31, 2023, revealing that they had received an email containing a PDF with payroll information of 447 Uniqlo workers.
The Australian Prudential Regulation Authority (APRA) has released a new set of insights regarding common cyber control weaknesses observed among regulated entities. This guidance is part of APRA’s continued effort to bolster cyber resilience across the financial sector, which includes banks, superannuation funds, and insurance companies. The latest communication builds on APRA’s previous focus on data backup security and highlights critical areas where many institutions fall short.
National Public Data (NPD), a Florida-based background check company, has suffered a data breach of staggering proportions. The breach potentially compromises the personal information of 2.9 billion individuals across the United States, United Kingdom, and Canada. This incident, first reported in April 2024, has sent shockwaves through the cybersecurity community, raising critical questions about the resilience of IT systems and the protection of sensitive personal information in the digital age.
The Polish Data Protection Authority (UODO) has levied a substantial fine of approximately $360,000 USD against a major healthcare provider, identified as A. S.A., for multiple violations of the General Data Protection Regulation (GDPR). This decision follows an extensive investigation into a severe data breach that compromised the personal information of around 150,000 individuals, including both patients and employees.
In an era where digital transformation is accelerating at an unprecedented pace, the cybersecurity landscape is evolving just as rapidly. The latest Cost of a Data Breach Report from IBM Security sheds light on the complex challenges organizations face in 2024, revealing both concerning trends and promising solutions.