Over the weekend, DNA testing giant 23andMe made a staggering announcement that it was filing for Chapter 11 bankruptcy. While the company has certainly faced its fair share of challenges, the core issue here is far from just bad business decisions. At the heart of this struggle lies the fallout from a devastating data breach, which serves as a painful reminder of just how costly cybersecurity risks can be.
The Personal Information Protection Commission (PIPC) of South Korea has penalized Modetour Network Inc. for mishandling a major data breach. The commission’s ruling, announced on March 12, 2025, includes a hefty fine of KRW 747 million (roughly $521,275), along with a KRW 10.2 million ($7,022) fine for additional wrongdoings, making it clear that the company’s failure to protect sensitive customer data will not go unpunished.
In a letter to its customers, Bank of America has revealed a security incident that might have affected sensitive personal data. The incident, which occurred on December 30, 2024, is tied to a third-party vendor responsible for shredding documents. According to the bank, the vendor didn’t secure certain documents properly during transport, and some of those documents were discovered outside a financial center. While it’s unclear whether any individual customer’s documents were directly involved, the bank is erring on the side of caution and notifying those who could be impacted.
Users of the social media site X experienced outages on Monday morning, continuing into the afternoon. They encountered issues with logging in, viewing posts and profiles, and loading images. According to Downdetector, an outage tracking site, reports of disruptions began to emerge in the early morning EST. Three additional spikes in outages were recorded throughout the day. The number of reports started to decline steadily around 2:30 p.m. ET, and the site largely returned to normal functionality.
New York Attorney General Letitia James has filed a lawsuit recently against National General and its parent company, Allstate Insurance, over a string of data breaches that exposed the personal information of over 165,000 New Yorkers. The lawsuit paints a troubling picture of how weak cybersecurity practices allowed hackers to access sensitive information—and not once, but twice—due to a series of preventable oversights.
Every year, Europe’s cybersecurity landscape grows more complex. With digital infrastructures evolving, cyber threats becoming more sophisticated, and the stakes higher than ever, it’s clear that certain sectors are facing serious challenges when it comes to cyber resilience. ENISA’s 2024 NIS360 report offers a deep dive into the cybersecurity maturity and criticality of sectors that are essential to Europe’s economic and social fabric—and the results are both encouraging and concerning.
In a move that underscores South Korea's commitment to data protection, the Personal Information Protection Commission (PIPC) has cracked down on two companies for major security oversights that put users’ personal data at risk. This recent decision, made at the PIPC’s fourth plenary meeting of the year, should serve as a wake-up call to businesses that think data security is an afterthought.