IT Security & Privacy

Artificial intelligence is rapidly changing the cybersecurity equation for financial institutions, and France’s securities regulator wants firms to move faster in adapting their defenses. The French regulator, the Autorité des marchés financiers (AMF), said Thursday that strengthening cyber resilience remains a strategic priority as advances in artificial intelligence create new opportunities for both defenders and attackers.

Carnival Corporation has disclosed a cybersecurity incident that exposed personal information belonging to nearly six million individuals after an attacker successfully used social engineering tactics to gain access to an employee account.

Australians are becoming more concerned about privacy even as businesses and governments push deeper into the digital economy, according to a major survey released Thursday that found public trust in artificial intelligence companies has fallen to strikingly low levels.

A French privacy regulator spent part of its week explaining why a pile of health data with the names removed is not the same thing as anonymity. That distinction just cost IQVIA €5 million.France’s data protection authority, the CNIL, announced the sanction against the company, a subsidiary of the healthcare analytics and consulting giant IQVIA, over its handling of two large health data warehouses containing information sourced from pharmacies and doctors across France.

New Zealand’s Privacy Commissioner released Phase 1 findings from an inquiry into the incident, concluding that both Health New Zealand and Manage My Health breached Rule 5 of the Health Information Privacy Code by failing to ensure reasonable security safeguards were in place to protect patient information.

New York State Department of Financial Services Acting Superintendent Kaitlin Asrow issued new guidance advising regulated entities on the kinds of cybersecurity measures they should consider when threat conditions materially worsen. The department pointed specifically to geopolitical instability and the release of frontier AI models as examples of developments that can rapidly change the threat landscape and justify stronger defensive measures.

7-Eleven disclosed that an unauthorized third party gained access on April 8 to certain company systems containing franchisee records, according to a notice sent to affected individuals. The company said the compromised documents included information submitted during the franchise application process, including names, addresses, and other unspecified personal data elements.