According to new research from Sonatype, 92% of large enterprises have implemented or plan to adopt a Software Bill of Materials (SBOM) in response to President Biden’s Cybersecurity Executive Order. The research also highlights the increasing importance of open source hygiene in cybersecurity and an influx of...
The U.K. government recently embarked on a plan to create its own version of the EU's General Data Protection Regulation, but attorney Jonathan Armstrong says he is "pretty skeptical" that this second attempt at privacy reform will successfully make it through the country's Parliament.
The British government is proposing modifications to the European privacy law adopted as British law before the U.K. left the EU. Civil society groups warn that changes to the U.K. GDPR could lead to more surveillance. Some tech firms say the government is poised to increase its regulatory burden.
Irish authorities have fined a healthcare organization 460,000 euros - about $490,000 - for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.
Automaker Tesla revised settings for its in-built cameras after a probe by the Dutch data privacy agency found its default settings enabled illegal recording and retention of data. "Teslas parked on the street were often filming everyone who came near the vehicle," DPA board member Katja Mur said.
The European Commission is preparing a proposal mandating more cooperation among national government agencies charged with enforcing the General Data Protection Regulation. Nationally driven enforcement of the regulation has emerged as a sore point for some during the GDPR's first half decade.
A Scottish school system decided not to use facial recognition in its secondary school cafeterias after international outcry. The U.K. Information Commissioner's Office said Tuesday that the North Ayrshire Council failed to obtain freely given consent for the system.
JD Sports, a sports fashion retailer with global operations, says personal details pertaining to about 10 million online customers of JD Sports and its Size?, Millets, Blacks, Scotts and MilletSport brands from 2018 to 2020 have been stolen by attackers and warns customers to beware of scammers.
European data protection regulators last year imposed known privacy and data breach fines under GDPR collectively worth at least 2.9 billion euros, or $3.1 billion, which was more than double the value of fines issued in 2020, reports law firm DLA Piper.
TikTok must pay a fine of 5 million euros to the French government after the country's data protection agency said the short-form video app violated national privacy law restricting the monitoring of web browser activity. TikTok is at the center of a number of privacy controversies worldwide.
Managed security services player Cerberus Sentinel plans to capitalize on cloud migration and strict privacy regulations in South America through its proposed purchase of RAN Security. The deal will bolster Cerberus Sentinel's penetration testing, gap analysis and infrastructure management services.
The French data privacy agency has fined Apple 8 million euros for an ad personalization tracker that violated the country's privacy laws. The fine against Apple was announced on the same day the Irish Data Protection agency fined Meta Ireland for similar violations.
The Irish Data Protection Commission has imposed a fine of 390 million euros against Meta Ireland for violating the General Data Protection Regulation related to user data processing. Meta confirmed it will contest the penalty, which targets ad personalization by Facebook and Instagram.
A member of a criminal data breach forum says he's selling email addresses and phone numbers of 400 million Twitter users. If verified, the data breach would be a further blow to Twitter and its beleaguered chief executive as regulators increase pressure over the firm's security practices.
Belgian banking giant Degroof Petercam is warning hundreds of clients that their employees are at risk of fraud after personal details tied to their stock option plans were accessed, potentially by an ex-employee. The bank has reported the data breach to the Belgian Data Protection Authority.