In recent developments, Ireland’s Data Protection Commissioner (DPC) has initiated an EU-wide investigation into Ryanair’s implementation of facial recognition technology during the customer booking process via third-party websites. This move comes on the heels of numerous complaints from Ryanair customers across Europe regarding the airline’s additional verification steps when bookings are made through online travel […]
CJEU Ruling: Meta's Data Use for Targeted Ads Must Now Conform to GDPR Standards
In an era where personal data drives advertising strategies, the recent ruling by the Court of Justice of the European Union (CJEU) carries profound implications for how companies like Meta, formerly known as Facebook, will manage user data. This decision stems from a complaint lodged by notable data privacy advocate Max Schrems, which highlighted breaches […]
MoneyGram Faces Challenges Amid Cybersecurity Outage
MoneyGram, a renowned player in the financial services sector, has recently experienced a significant setback attributed to a cybersecurity issue. The company confirmed that its services were disrupted due to this breach, which began affecting operations on September 20, leading to a multi-day outage. As reports surfaced, MoneyGram promptly took action, investigating the situation and […]
Mozilla Faces Privacy Complaint Over Firefox Tracking
Mozilla, the company behind the Firefox browser, has recently come under scrutiny due to a privacy complaint lodged by the activist group NOYB (None of Your Business). This Vienna-based organization has accused Mozilla of violating European privacy laws with its default tracking features that monitor users’ online activities without seeking explicit consent. The specific feature […]
CISA Head Urges Accountability from Tech Vendors for Software Security Failures
In a stark call to action at Mandiant’s mWise conference, Jen Easterly, the head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), condemned technology vendors for a pervasive issue of delivering faulty and insecure software. Her remarks underscored a growing concern within the cybersecurity landscape, where the quality of software is crucial in the […]
Telegram Security Breach Exposes Medical Data: A Wake-Up Call for Digital Privacy
In an alarming incident that has reignited concerns over digital security and privacy, a hacker known as xenZen has claimed responsibility for leaking over 7 terabytes of sensitive medical data from Star Health, one of India’s largest health insurers. This data breach, facilitated through Telegram chatbots, has put millions of customers’ medical information at risk, […]
US FTC Highlights Privacy Concerns with Social Media Data
A recent report by the US Federal Trade Commission (FTC) raises significant alarm regarding the data practices of prominent social media platforms, including Meta, TikTok, and Twitch. The findings reveal that these companies lack transparency in how they gather, store, and manage user data, resulting in substantial privacy concerns for individuals, especially vulnerable groups like […]
Brazil Introduces Comprehensive Regulations for International Data Transfers
In an increasingly interconnected world, data privacy and protection have become top priorities for countries across the globe. Brazil recently stepped up its efforts to safeguard personal data by implementing new regulations that govern international data transfers. The Brazilian Data Protection Authority (ANPD) has released Resolution 19/2024, which builds upon the existing framework established by […]
China's New Guidelines Aim to Secure Sensitive Personal Data
China’s recent initiatives in data governance mark a significant step towards enhancing data protection within its jurisdiction. On September 20, 2024, the National Information Security Standardization Technical Committee (TC260) released new guidelines titled “Cybersecurity Standard Practice Guidelines – Sensitive Personal Information Identification.” This document aims to clarify what constitutes sensitive personal information and establish a […]
US CISA Urges Action on Vulnerable Ivanti Appliance
The Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm for federal agencies to take immediate action regarding a critical vulnerability in Ivanti’s Cloud Service Appliance (CSA). Known as CVE-2024-8190, this flaw has already been exploited in recent cyberattacks. The urgency of the situation is reflected in CISA’s directive for all federal civilian agencies […]