Meta received a GDPR fine of €390M (210 million and €180 million fines for Facebook and Instagram) and accused the company of lacking proper legal grounds to process millions of Europeans’ with its data-fueled advertising model. Meta strongly disagree with the DPC’s final decision, and believes to fully comply with GDPR by relying on Contractual […]
The US government demands direct access to databases of European police services containing biometric data of European citizens. The US makes this entry mandatory for countries participating in the so-called Visa Waiver Program, which allows citizens of certain countries to travel to the United States without a visa. At the beginning of this year, US […]
The hacker copied information from backup that contained basic LastPass customer account information and related metadata, including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service. The threat actor was also able to copy a backup of customer vault data from the […]
Meta has agreed to pay $725 million to resolve a class-action lawsuit accusing the social media giant of allowing third parties, including Cambridge Analytica, to access users’ personal information. Lawyers for the plaintiffs called the proposed settlement the largest to ever be achieved in a U.S. data privacy class action and the most that Meta […]
The American crypto exchange Gemini leaks private data of 5.3 million users, which is subsequently being used for targeted phishing attacks. It concerns e-mail addresses and partial telephone numbers. According to Gemini, the data was stolen from an unnamed “third-party” supplier. No further details about the data breach have been provided. Gemini does advise users […]
What today is a dataset without personal data or with anonymized data, no longer has to be that way tomorrow and it is crucial to know how to protect personal data. Due to the wider availability of open data and new technologies, data can easily be combined with other data. For example, the dataset can […]
“The Council adopted legislation for a high common level of cybersecurity across the Union, to further improve the resilience and incident response capacities of both the public and private sector and the EU as a whole. The new directive, called ‘NIS2’, will replace the current directive on security of network and information systems (the NIS […]
The records of Twitter contain either a private email address or phone number, and public scraped data, including the account’s Twitter ID, name, screen name, verified status, location, URL, description, follower count, account creation date, friends count, favorites count, statuses count, and profile image URLs.
The Irish privacy regulator DPC has imposed a GDPR fine of 265 million euros, around a €0.5 fine per leaked dataset, on Meta for a major data breach at Facebook that left the data of 533 million users on the street. Last year, Ireland’s data protection authority launched an investigation after media reported about a […]
German privacy regulators have ruled that the use Microsoft 365 by governments, companies and educational institutions is in violation of GDPR. Only by taking additional technical measures is it possible to use the software in Germany. This was the opinion of the German regulators during the Datenschutzkonferenz (DSK) that took place last week (see below […]