The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.
A proposed federal class action lawsuit alleges that patient debt collection software firm Intellihartx was negligent in its handling of third-party risk, contributing to a breach affecting nearly 490,000 individuals and involving a recent hack on its file transfer software vendor Fortra.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. This week: Sam Bankman-Fried is set to face two criminal trials instead of one, Binance is sinking deeper into regulatory quicksand, and the Mango Markets hacker is expected to be tried on Dec. 4.
State regulators have fined health plan Kaiser Permanente $450,000 for a mailing mishap that sent private health plan records to the outdated addresses of 167,095 patients. The erroneous mailing was triggered by a technical update of the health plan's electronic health records system.
The U.S. Department of Justice unveiled a new team - the National Security Cyber Section - to disrupt nation-state threat actors and prosecute them at the "earliest stages." NatSec Cyber will work closely with the DOJ's Computer Crime and Intellectual Property Section.
Federal market regulators delayed until October a decision on rules mandating private sector disclosure of cybersecurity incidents and cyber expertise on public boards. The delay comes amid pushback to a mandate to disclose a "material cybersecurity incident" within four business days of discovery.
Major healthcare industry associations are urging federal regulators to finalize proposed changes to the HIPAA privacy rule that would bolster protections over reproductive healthcare data. In some cases, the groups are suggesting that regulators go even further in stretching privacy safeguards.
A British cyber law that criminalizes hacking is outdated, hindering law enforcement action against cyber crooks, U.K. lawmakers heard during a parliamentary hearing on cybercrime. Graeme Biggar, the director general of the U.K's National Crime Agency, said it should be an offense to steal data.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.
Ransomware actors are using the thing that verifies crypto transactions - mining - to their advantage. More criminals are laundering their ill-gotten gains by re-minting the digital money through mining to sanitize funds and bypass controls imposed by more highly regulated financial institutions.
In the latest weekly update, ISMG editors discuss how cyber risk is becoming more closely tied to the economic health of nations, why a rural U.S. healthcare provider is closing due in part to ransomware attack woes, and why some cybersecurity companies have laid off staff this month.
A commercial real estate company that operates more than a dozen addiction recovery centers and other medical facilities in several states is notifying 319,500 employees and patients of a recent ransomware incident that compromised their personal and health information.
Federal regulators have hit Washington state-based Yakima Valley Memorial Hospital with a $240,000 HIPAA fine and correction action plan following a 2018 breach involving 23 hospital security guards who snooped into the electronic medical records of 419 patients.
European lawmakers on Wednesday voted overwhelmingly in favor of restrictions for the artificial intelligence industry, approving a regulatory package obliging generative AI model makers to mitigate societal risks and banning a slew of applications, such as biometric recognition in public places.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.