IT Security & Privacy

Axiom GRC Acquires The DPO Centre to Strengthen Data Protection Capabilities

Axiom GRC has announced the acquisition of The DPO Centre, a leading UK-based provider of outsourced Data Protection Officer (DPO) and privacy services. The deal underscores the growing importance of data protection expertise as organizations face heightened regulatory and technological risks.

AI Oversight Gap Exposed in IBM’s 2025 Cost of a Data Breach Report

For two decades IBM and the Ponemon Institute have tallied the financial fallout of data breaches, tracking everything from stolen laptops in the mid-2000s to ransomware’s pandemic-era surge. The 2025 edition of their Cost of a Data Breach Report marks a turning point. This year the spotlight isn’t on cloud misconfigurations or phishing emails alone, it’s on artificial intelligence.

TransUnion Notifies Consumers of Cyber Incident Affecting Personal Data

TransUnion has disclosed that a cyber incident exposed personal data of U.S. consumers through a third-party application used in its customer support operations. While the company emphasized that no credit reports or core credit information were involved, the incident highlights a growing challenge for regulated businesses: securing the extended web of vendors and applications that support daily operations.

FTC Chairman Warns Tech Giants Against Weakening Data Security Under Foreign Pressure

Federal Trade Commission (FTC) Chairman Andrew N. Ferguson has issued a pointed warning to some of the world’s biggest technology companies to not weaken Americans’ data security or censor speech at the request of foreign governments.

Allianz Life Breach Hits 1.1 Million Customers, Hackers Eye Data Leak

For Allianz Life, July ended with a gut punch. The U.S. insurance giant admitted that hackers had slipped into one of its cloud-stored customer databases and made off with personal details belonging to most of its 1.4 million customers. The company didn’t say exactly how many were hit, but the independent breach notification site Have I Been Pwned filled in the blank this week: 1.1 million.

Healthplex to Pay $2 Million in Cybersecurity Settlement Over Phishing Breach That Exposed Tens of Thousands of New Yorkers’ Data

The New York State Department of Financial Services (DFS) has reached a $2 million settlement with Healthplex after finding the dental insurance management company violated the state’s cybersecurity regulation, enabling a late-2021 phishing attack that compromised sensitive personal and health information for tens of thousands of consumers.

BaFin Offers Practical Guide to Navigating DORA’s Documentation Maze

Since the EU’s Digital Operational Resilience Act (DORA) took effect on January 17, 2025, financial entities across Europe have been working to align with its far-reaching operational resilience and ICT security rules. Now, Germany’s Federal Financial Supervisory Authority (BaFin) has stepped in with a tool designed to make one of DORA’s more challenging elements (documentation requirements) easier to grasp.