The Personal Information Protection Commission (PIPC) of South Korea has penalized Modetour Network Inc. for mishandling a major data breach. The commission’s ruling, announced on March 12, 2025, includes a hefty fine of KRW 747 million (roughly $521,275), along with a KRW 10.2 million ($7,022) fine for additional wrongdoings, making it clear that the company’s failure to protect sensitive customer data will not go unpunished.
In a letter to its customers, Bank of America has revealed a security incident that might have affected sensitive personal data. The incident, which occurred on December 30, 2024, is tied to a third-party vendor responsible for shredding documents. According to the bank, the vendor didn’t secure certain documents properly during transport, and some of those documents were discovered outside a financial center. While it’s unclear whether any individual customer’s documents were directly involved, the bank is erring on the side of caution and notifying those who could be impacted.
Users of the social media site X experienced outages on Monday morning, continuing into the afternoon. They encountered issues with logging in, viewing posts and profiles, and loading images. According to Downdetector, an outage tracking site, reports of disruptions began to emerge in the early morning EST. Three additional spikes in outages were recorded throughout the day. The number of reports started to decline steadily around 2:30 p.m. ET, and the site largely returned to normal functionality.
New York Attorney General Letitia James has filed a lawsuit recently against National General and its parent company, Allstate Insurance, over a string of data breaches that exposed the personal information of over 165,000 New Yorkers. The lawsuit paints a troubling picture of how weak cybersecurity practices allowed hackers to access sensitive information—and not once, but twice—due to a series of preventable oversights.
Every year, Europe’s cybersecurity landscape grows more complex. With digital infrastructures evolving, cyber threats becoming more sophisticated, and the stakes higher than ever, it’s clear that certain sectors are facing serious challenges when it comes to cyber resilience. ENISA’s 2024 NIS360 report offers a deep dive into the cybersecurity maturity and criticality of sectors that are essential to Europe’s economic and social fabric—and the results are both encouraging and concerning.
In a move that underscores South Korea's commitment to data protection, the Personal Information Protection Commission (PIPC) has cracked down on two companies for major security oversights that put users’ personal data at risk. This recent decision, made at the PIPC’s fourth plenary meeting of the year, should serve as a wake-up call to businesses that think data security is an afterthought.
In a move that feels more like a privacy rollercoaster than a tech update, Apple has pulled its Advanced Data Protection (ADP) service from the United Kingdom. If you’re scratching your head wondering why this matters, ADP is a service that provides end-to-end encryption for iCloud data. That means your photos, notes, and other personal files are only accessible by you—unless, of course, someone gets a backdoor key. And that's exactly what the UK government has been asking for.