Synnovis, a pathology laboratory handling blood tests for multiple NHS organizations in South East London, has fallen victim to a cyber attack, triggering concerns over potential data exposure affecting NHS patients.
The European Union Agency for Cybersecurity (ENISA) has concluded its 7th edition of Cyber Europe, one of the largest cybersecurity exercises in Europe, held in June 2024. This year's exercise focused on testing the resilience of the EU energy sector against sophisticated cyber threats, underscoring the critical nature of energy infrastructure in an increasingly ICT-dependent society and showcasing the crucial role of the European cyber crisis liaison organization network (EU-CyCLONe).
On April 7, 2024, U.S. Senator Maria Cantwell (D-WA), Chair of the Senate Committee on Commerce, Science and Transportation, and U.S. Representative Cathy McMorris Rodgers (R-WA), Chair of the House Committee on Energy and Commerce, released a discussion draft of the American Privacy Rights Act (APRA). This bipartisan, bicameral draft legislation seeks to unify the fragmented landscape of sectoral-based and state-specific data privacy laws in the United States.
The data protection authorities of the United Kingdom and Canada have announced a collaborative investigation into the significant data breach at 23andMe, a leading global provider of direct-to-consumer genetic testing services.
The European Supervisory Authorities (ESAs) and the European Union Agency for Cybersecurity (ENISA) have signed a multilateral Memorandum of Understanding (MoU). This agreement formalizes ongoing discussions and sets the framework for strengthened cooperation and information exchange between the agencies.
The Office of the Australian Information Commissioner (OAIC) has filed civil penalty proceedings against Medibank Private Limited in the Federal Court, alleging serious privacy breaches related to the health insurer's massive data breach in October 2022.
Live Nation Entertainment, the global entertainment and ticketing giant, has fallen victim to a cyber attack where company data was accessed and stolen by a criminal hacker. The company disclosed the incident in a regulatory filing.