Russian hackers stole 50 million passwords from popular online services such as PayPal, Amazon, Roblox, Steam and crypto wallets by deploying infostealer malware on users’ devices.
A new paper from global law multinational DLA Piper lays out the case for a risk-based approach to GDPR international data transfers, arguing that the status quo is too onerous and that data exporters are suffering.
The GDPR fine was sparked by a round of media reports in early 2021 documenting how the personal data of over 530 million Facebook users was left open to data scraping for an extended period thanks to faults in certain tools.
Though the fine is not one of the largest issued by CNIL (or for general GDPR violations across the bloc), the case is noteworthy in that Discord is mostly being taken to task for not providing default or built-in security options rather than the fallout of a specific data breach.
The fourth draft data protection bill looks to be no less contentious, as it adds vital protections but also exempts the country's government from all of its terms and appears to give tech platforms a fairly free hand in sending citizen data overseas.
The ransomware attack on AirAsia took place on November 11 and 12, with samples of the stolen personal data being leaked to the group's dark web site about a week later. The posted samples contain employee personal information as well as passenger booking information.
Losing Ireland "main establishment" status means that any national DPA in the EU could bring direct GDPR action against Twitter on behalf of its citizens without the standard collaborative process that ultimately funnels everything through the Irish DPC.
Iranian hackers installed crypto miner on federal agency’s network after exploiting unpatched Log4Shell vulnerability on the VMWare Horizon server to gain access. The threat actors moved laterally to the domain controller, compromised credentials and implanted reverse proxies on several hosts to maintain persistence.
New EU anti-money laundering regulations currently under discussion would include a ban on privacy coins such as Dash, Monero and Zcash that add further layers of anonymity to the standard blockchain transaction.
Researchers discovered thousands of Amazon RDS snapshots shared publicly either accidentally or deliberately that were inadvertently leaking clients’ personally identifiable information (PII).
