Tag: GDPR
-
DeepSeek hit by cyberattack and outage amid breakthrough success
Tags: access, ai, apple, attack, ceo, china, compliance, control, cyberattack, cybersecurity, data, detection, encryption, finance, GDPR, google, group, HIPAA, infrastructure, malicious, nvidia, open-source, risk, saas, service, startup, technology, threat, tool, training, vulnerabilityChinese AI startup DeepSeek said it was hit by a cyberattack, prompting the company to restrict user registrations and manage website outages as demand for its AI assistant soared.According to the company’s status page, DeepSeek has been investigating the issue since late evening Beijing time on Monday.”Due to large-scale malicious attacks on DeepSeek’s services, registration…
-
Box-Checking or Behavior-Changing? Training That Matters
Exploring New Ways to Deliver and Measure Cybersecurity Awareness Programs Regulations like GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace. First seen on…
-
Security chiefs whose companies operate in the EU should be exploring DORA now
Tags: attack, business, ciso, compliance, conference, corporate, cyber, cybersecurity, data, detection, dora, finance, framework, GDPR, incident, network, regulation, resilience, risk, service, technology, threat, vulnerabilityIf your enterprise operates in Europe, you should care about the Digital Operational Resilience Act (DORA), which took effect on January 17. DORA, also known as Directive (EU) 2022/2555 of the European Parliament, aims to enhance and build the EU’s cybersecurity capabilities and it has been hanging like the Sword of Damocles over the heads…
-
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption
Tags: access, ai, automation, best-practice, business, cloud, compliance, container, control, cyber, cybercrime, data, data-breach, detection, encryption, GDPR, incident response, infrastructure, privacy, regulation, risk, saas, security-incident, skills, software, strategy, threat, tool, vulnerabilityThree Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t“¦ Tue, 01/21/2025 – 14:56 Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over…
-
GDPR Fines Total Euro1.2bn in 2024
Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching Euro1.2bn First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gdpr-fines-total-2024/
-
European Court Fines European Commission for GDPR Violation
Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
-
Court orders European Commission to pay its first-ever GDPR fine
A German citizen will receive Euro400 from the European Commission for a violation of the General Data Privacy Regulation (GDPR), the first time the EU’s executive arm will pay such a fine.]]> First seen on therecord.media Jump to article: therecord.media/european-commission-pays-gdpr-fine-german-citizen
-
The biggest data breach fines, penalties, and settlements so far
Tags: access, apache, attack, breach, business, china, ciso, communications, compliance, control, credentials, credit-card, cyberattack, cybercrime, cybersecurity, data, data-breach, email, finance, flaw, framework, GDPR, google, hacker, Hardware, identity, Internet, law, leak, linkedin, microsoft, mobile, monitoring, network, office, phone, privacy, regulation, risk, service, software, technology, tool, training, update, vulnerabilitySizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data.Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with one…
-
How a Global Insurer Protects Customer Data Achieves Compliance With DataDome
Discover how a global insurance leader leverages DataDome to protect endpoints from sophisticated bots, achieve GDPR compliance, block brute-force attacks, and gain actionable threat insights. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/how-a-global-insurer-protects-customer-data-achieves-compliance-with-datadome/
-
Volkswagen massive data leak caused by a failure to secure AWS credentials
A failure to properly protect access to its AWS environment is one of the root causes of the recent massive Volkswagen data leak, according to a presentation on the incident at the Chaos Computer Club on Dec. 27.But the security analyst who helped expose the leak said the $351 billion car manufacturer violated its own…
-
Italy Fines OpenAI Euro15 Million for ChatGPT GDPR Data Privacy Violations
Italy’s data protection authority has fined ChatGPT maker OpenAI a fine of Euro15 million ($15.66 million) over how the generative artificial intelligence application handles personal data.The fine comes nearly a year after the Garante found that ChatGPT processed users’ information to train its service in violation of the European Union’s General Data Protection Regulation (GDPR).The…
-
Netflix Fined Euro4.75 Million Over GDPR Transparency Issues
Netflix has been hit with a Euro4.75 million fine by the Dutch Data Protection Authority (DPA). The fine stems from the company’s failure to clearly explain its data practices to users between 2018 and 2020″, highlighting a key issue that has been in the spotlight ever since the GDPR was introduced. What Went Wrong? The…
-
EU Opens Door for AI Training Using Personal Data
The EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/edpb-ai-training-personal-data/
-
European authorities say AI can use personal data without consent for training
The European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner’s consent, to train models, as long as the finished application does not reveal any of that private information.This reflects…
-
Dutch DPA Fines Netflix Euro4.75 Million for GDPR Violations Over Data Transparency
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix Euro4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020.An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy…
-
In potential reversal, European authorities say AI can indeed use personal data, without consent, for training
The European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner’s consent, to train models, as long as the finished application does not reveal any of that private information.This reflects…
-
Meta Hit with Massive $263m GDPR Fine
The Irish Data Protection Commission has fined Meta $263m for a 2018 data breach impacting 29 million Facebook accounts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/meta-hit-with-massive-263m-gdpr/
-
Meta fined $263 million for alleged GDPR violations that led to data breach
Ireland’s data privacy regulator said it was levvying the fine for data security failures that led to information on about 29 million Facebook users being exposed.]]> First seen on therecord.media Jump to article: therecord.media/meta-fined-263-million-gdpr-violations-data-breach
-
3 Common GDPR Challenges and How to Overcome Them
Practical tips for GDPR compliance Responsible for data protection and EU GDPR (General Data Protection Regulation) compliance? Chances are you’ve come across these 3 common challenges: Data privacy trainer Andy Snow hears about these challenges a lot, having trained over 4,000 people on the GDPR. Here are his practical tips for overcoming them. In this…
-
Gen AI use cases rising rapidly for cybersecurity, but concerns remain
Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usaGenerative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
-
‘White FAANG’ Data Export Attack: A Gold Mine for PII Threats
Websites these days know everything about you, even some details you might not realize. Hackers can take advantage of that with a sharp-toothed attack that exploits Europe’s GDPR-mandated data portability rules. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/white-faang-data-export-attack-pii-threats
-
KI-gestützte Lösung zur Verbesserung der Patientenversorgung in Senioren- und Pflegeeinrichtungen
Die -Lösung von Kepler Vision Technologies und Mobotix hat diese Woche ein wichtiges Upgrade erhalten. Der Mobotix-c71-Smart-Sensor erkennt jetzt Verhaltensanomalien genauer und verbessert die Genauigkeit, wodurch Fehlalarme reduziert werden. Die Nurse-Assist-Sensoren sind weiterhin GDPR- und HIPAA-konform, was die Privatsphäre der Patienten und Bewohner schützt und ihre Sicherheit gewährleistet. Nach der erfolgreichen Einführung von Nurse-Assist, der…
-
Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams
Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/03/nextcloud-talk-open-source-microsoft-teams-alternative/
-
Why identity security is your best companion for uncharted compliance challenges
Tags: access, ai, attack, authentication, automation, business, cloud, compliance, control, cyberattack, cybersecurity, data, detection, exploit, finance, framework, GDPR, governance, government, healthcare, HIPAA, identity, india, law, least-privilege, mitigation, monitoring, privacy, regulation, risk, risk-management, service, strategy, supply-chain, technology, threat, tool, zero-trustIn today’s rapidly evolving global regulatory landscape, new technologies, environments, and threats are heightening cybersecurity and data privacy concerns. In the last year, governing bodies have taken significant steps to enact stricter compliance measures”, and more than ever, they are focusing on identity-related threats.Some notable changes include: The National Institute of Standards and Technology (NIST)…