New York Fines Geico and Travelers $11 Million Over Data Breaches

November 26, 2024 at 06:15AM Geico and Travelers were fined $11 million in New York for data breaches affecting over 120,000 individuals. Geico’s quoting tools were exploited in cyberattacks, while Travelers’ agent portal lacked multi-factor authentication. Both companies failed to implement adequate security measures and will enhance their cybersecurity practices as part of their settlements. … Read more

Yakuza Victim Data Leaked in Japanese Agency Attack

November 22, 2024 at 03:00PM A data breach at the Kumamoto Prefecture Violence Prevention Movement Center has exposed personal information of 2,500 individuals seeking help against Yakuza crime. The breach, caused by a phishing attack, raises concerns about potential threats to the safety of victims, prompting the center to alert those affected. ### Meeting Notes … Read more

Casio confirms customer data stolen in a ransomware attack

October 11, 2024 at 10:47AM Casio confirmed a ransomware attack that compromised personal and confidential data of employees, job candidates, and customers. The Underground group claimed responsibility and leaked documents. Casio stated that no credit card information was stolen and urged caution against sharing leaked data. Authorities are investigating the incident. **Meeting Takeaways: Casio Ransomware … Read more

Uber fined $325 million for moving driver data from Europe to US

August 26, 2024 at 12:32PM The Dutch Data Protection Authority fined Uber Technologies Inc. and Uber B.V. €290,000,000 ($325 million) for GDPR violations. Based on the meeting notes, the Dutch Data Protection Authority has imposed a significant fine of €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. for GDPR violations. Full Article

X faces GDPR complaints for unauthorized use of data for AI training

August 12, 2024 at 06:47PM European privacy advocate NOYB has filed nine GDPR complaints against X for using the personal data of over 60 million European users to train “Grok,” the social media company’s language model. Based on the meeting notes, it appears that the European privacy advocate NOYB has filed nine GDPR complaints against … Read more

Malware that is ‘not ransomware’ wormed its way through Fujitsu Japan’s systems

July 10, 2024 at 09:58AM Fujitsu Japan confirmed an “advanced” malware strain, not ransomware, was responsible for a March data theft affecting individuals with personal and customer information. Despite isolating infected machines and enhancing monitoring, the company didn’t disclose the scale but notified affected individuals. It aims to further bolster information security following the incident. … Read more

Evolve Bank Data Breach Impacts 7.6 Million People

July 9, 2024 at 09:33AM Evolve Bank & Trust notified 7.6 million individuals of a recent LockBit ransomware attack compromising personal information, including names, Social Security numbers, and bank account information. The company confirmed the incident, stating no ransom was paid, and offered free credit monitoring and identity protection services. There’s no evidence of customer … Read more

Authenticator for X, TikTok Exposes Personal User Info for 18 Months

June 27, 2024 at 04:34PM Personal data and documents of users from popular apps have been exposed to cybercriminals by AU10TIX, a Tel Aviv-based identity verification company. The leaked data includes sensitive personal information such as names, birth dates, nationalities, and images of ID documents. AU10TIX initially claimed to have resolved the issue, but the … Read more

UK and Canada’s data chiefs join forces to investigate 23andMe mega-breach

June 11, 2024 at 09:33AM The UK and Canada data protection watchdogs are collaborating to investigate the 23andMe data breach. The probe will assess any customer harm, safeguards in place, and transparency with regulators. The breach affected nearly 7 million individuals, with attackers targeting users’ genetic information. 23andMe’s delayed implementation of 2FA is also under … Read more

750k Impacted by Frontier Communications Data Breach

June 7, 2024 at 07:00AM Frontier Communications has notified 750,000 individuals of a recent data breach where personal information was stolen. The breach occurred on April 14, with the company identifying and restoring impacted systems by mid-May. The attackers accessed and exfiltrated data, including names, addresses, email addresses, dates of birth, phone numbers, and Social … Read more