Hunton Privacy

JULY 31, 2023

On July 19, 2023, the European Data Protection Board (“EDPB”) issued an Information Note regarding data transfers to the U.S. Data Privacy Framework (the “Data Privacy Framework”) on July 10, 2023 (the “Information Note”). following the adoption of an adequacy decision on the EU-U.S.

Data Privacy 52

Data Privacy Privacy GDPR Personal data 52

IT Governance

APRIL 29, 2024

AI Scientists successfully use AI to detect AI-generated videos Scientists at the MISL (Multimedia and Information Security Lab) in Drexel University’s College of Engineering have developed a suite of tools to detect AI-generated videos at the sub-pixel level. To learn more about our research methodology, click here.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). This follows the invalidation of the EU-US Privacy Shield, by the Court of Justice of the European Union on 16 July 2020.

Data Privacy 83

Data Privacy Personal data Privacy Cloud 83

IT Governance

MARCH 29, 2024

Here are all our Q&As to date, grouped by broad topic: AI Cyber attacks and data breaches Cyber Essentials Cyber resilience Cyber security Data privacy DORA Incident response ISO 27001 PCI DSS PECR Security testing Training Miscellaneous To get new expert insights straight to your inbox, sign up to our weekly newsletter, the Security Spotlight.

Data Privacy 52

Data Privacy Compliance GDPR Privacy 52

Hunton Privacy

OCTOBER 25, 2023

On October 8, 2023 and October 10, 2023, California Governor Gavin Newsom signed A.B. 947 amends the California Consumer Privacy Act of 2018’s (“CCPA”) definition of “sensitive personal information” to include personal information that reveals a consumer’s “citizenship or immigration status,” while A.B.

Manufacturing 72

Manufacturing Personal data Privacy Access 72

Data Matters

OCTOBER 5, 2023

On September 29, 2023 — the last business day of its fiscal year — the U.S. The post Latest Wave of SEC Off-Channel Communications Enforcement Actions: Five Takeaways appeared first on Data Matters Privacy Blog. Other regulators, including the Commodity Futures Trading Commission (CFTC), have brought similar cases.

Communications 97

Communications Privacy Security IT 97

Data Matters

NOVEMBER 4, 2020

The results are in, and California voters have approved the California Privacy Rights Act (CPRA) which was listed on the ballot as Proposition 24. Consumers will also have opt-out rights relating to the use of their personal information in automated decision-making, including consumer profiling. Next Steps.

Privacy 122

Privacy B2B Sales Data breaches 122

Data Protection Report

APRIL 30, 2024

In brief, the company agreed to settle the charges—without admitting or denying the allegations—for a civil payment of $10 million (partly suspended) plus $5 million in civil relief, as part of a 20-year stipulated order. As indicated in the paragraph quoted above, the company collected some very sensitive personal information.

Personal data 85

Personal data Privacy Information governance Compliance 85

Security Affairs

JUNE 12, 2023

The attack took place earlier this year, the attackers have exploited the GoAnywhere zero-day vulnerability tracked as CVE-2023-0669. On March 24, 2023, ITx completed its initial review of the logs provided to it by Fortra. ITx began notifying potentially affected data owners on April 11, 2023.”

Data breaches 81

Data breaches Ransomware Insurance Data Privacy 81

The Last Watchdog

MARCH 21, 2022

Evolving privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mean ongoing headaches for cybersecurity, compliance and risk management teams. At least 10 additional states have enacted or are considering data privacy laws. Outmoded cyber solutions.

Encryption 214

Encryption Cloud Privacy GDPR 214

IBM Big Data Hub

OCTOBER 30, 2023

In July 2023, the Securities and Exchange Commission (SEC) voted to adopt new cybersecurity rules and requirements for all market entities to address risks. Among the passed regulations were updated requirements for Form 8-K reporting as well as new guidance for Form 10-K Amendments. million, representing a 15.3%

Data breaches 75

Data breaches Cybersecurity Risk Privacy 75

Security Affairs

NOVEMBER 10, 2023

The company became aware of anomalous activity on or about August 22, 2023, and immediately launched an investigation with the help of third-party forensic experts. The investigation revealed that threat actors gained unauthorized access to McLaren’s network between July 28, 2023, and August 23, 2023. million of their patients.

Data breaches 100

Data breaches Ransomware Insurance Manufacturing 100

Hunton Privacy

FEBRUARY 17, 2023

On February 10, 2023, an Illinois federal district court ordered the dismissal of a putative class action lawsuit alleging that an online tool that allowed users to virtually try on sunglasses violated the Illinois Biometric Privacy Act (“BIPA”). 740 ILCS 14/10. In Delma Warmack-Stillwell v. Christian Dior Inc. ,

Information capture 55

Information capture Privacy IT Information Security 55

Security Affairs

OCTOBER 23, 2023

The Moody’s report also warned that there are security and privacy vulnerabilities in Aadhaar’s centralized system. On September 25, the Indian government’s Press Information Bureau published a statement refuting the Moody’s report.

Sales 114

Sales e-Discovery Data breaches Risk 114

Hunton Privacy

MARCH 13, 2023

On March 9, 2023, the U.S. Securities and Exchange Commission (SEC) announced settled administrative charges against Blackbaud Inc. listed companies will face when the SEC adopts its proposed rules on cybersecurity disclosure, which the agency has reported may come as soon as April 2023.

Cybersecurity 116

Cybersecurity Ransomware Marketing Access 116

Hunton Privacy

MARCH 23, 2023

On March 15, 2023, the Securities and Exchange Commission (“SEC”) proposed three rules related to cybersecurity and the protection of consumer information. The SEC also proposed Rule 10 , which would require certain entities that perform critical services to support the U.S.

Cybersecurity 102

Cybersecurity Marketing Compliance Risk 102

Security Affairs

SEPTEMBER 17, 2023

MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and HTTP-based uploads. The Clop ransomware gang (aka Lace Tempest ) was credited by Microsoft for the campaign that exploited a zero-day vulnerability, tracked as CVE-2023-34362 , in the MOVEit Transfer platform.

Ransomware 114

Ransomware Personal data Data Privacy Security 114

Hunton Privacy

JULY 27, 2023

On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) adopted long-anticipated disclosure rules for public companies by a 3-2 party-line vote. The new rules are effective as soon as December 18, 2023, as detailed further below. Second, to the extent that the information called for in Item 1.05(a)

Cybersecurity 52

Cybersecurity Risk Communications Government 52

Hunton Privacy

JUNE 13, 2023

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”).

Risk 64

Risk Insurance Compliance Information Security 64

eSecurity Planet

MAY 30, 2024

Table of Contents Toggle Recent Healthcare Attacks & Breaches 5 Key Cybersecurity Management Lessons to Learn Bottom Line: Learn Healthcare’s Lessons Before Suffering Pain Recent Healthcare Attacks & Breaches Large breaches affected over 88 million individuals in the USA in 2023, a 60% increase from 2022. Ascension lost $2.66

Cybersecurity 73

Cybersecurity Ransomware Data breaches Risk 73

Security Affairs

OCTOBER 5, 2023

For instance, a common tactic for criminals is to use the stolen information to file false tax returns and attempt to claim refunds that don’t belong to them, thus creating a very difficult situation for the individual whose information was used. According to the IRS, in 2023 the US tax agency found that nearly 1.1

Data breaches 100

Data breaches B2B Education Access 100

Data Matters

FEBRUARY 11, 2019

The Act does not, of course, supersede federal privacy or data security laws, such as HIPAA. The post Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law appeared first on Data Matters Privacy Blog. MCL § 500.560(6). Dedicated Customer Notice Provisions.

Insurance 68

Insurance Security Cybersecurity FOIA 68

Hunton Privacy

JUNE 15, 2023

On June 14, 2023, the European Parliament (“EP”) approved its negotiating mandate (the “EP’s Position”) regarding the EU’s Proposal for a Regulation laying down harmonized rules on Artificial Intelligence (the “AI Act”). The final version of the AI Act is expected before the end of 2023.

Risk 55

Risk Artificial Intelligence Compliance GDPR 55

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing 84

Phishing Security Artificial Intelligence Security awareness 84

Information is Currency

NOVEMBER 8, 2018

It next defines the disciplines that an information professional can work in as one of the following categories: archiving, compliance, information leadership/strategy, information management, information technology (IT), legal, privacy, records management and security. Information Lifecycle.

Records Management 40

Records Management Risk Paper Archiving 40