The Cybersecurity and Infrastructure Security Agency has ordered federal civilian agencies to take a hard look at the devices sitting at the edge of their networks, and to remove any that can no longer be supported, as part of a broader push to reduce exposure to cyberattacks.
Panera Bread has confirmed a cyber intrusion after customer contact data linked to more than 5 million people appeared online, marking the latest high-profile breach tied to the ShinyHunters extortion group and its growing focus on identity-based attacks.
UK regulators have launched parallel investigations into the Grok artificial intelligence system following reports that it has been used to generate non-consensual sexualized images and videos of real people, including children.
The Swedish Data Protection Authority (IMY) has identified three areas that will shape its guidance and enforcement work over the coming year: the use of artificial intelligence in the public sector, the protection of children and young people online, and the expanding range of tools used by law enforcement authorities.
France’s privacy regulator (CNIL) has sanctioned France Travail and fined the company €5 million over a breach that occurred in the first quarter of 2024. The regulator concluded that the agency failed to put in place security measures commensurate with the risks involved in processing highly sensitive personal data.
Nike is investigating a potential cybersecurity incident after a cybercrime group claimed it had stolen data from the company’s systems, according to multiple cybersecurity and media reports.
Sweden’s privacy regulator has fined Sportadmin roughly $560,000 (SEK 6 million) after concluding that the company failed to implement adequate IT security measures ahead of a major cyberattack that exposed personal data on more than 2.1 million people.