Dell Technologies has issued notices regarding a significant data breach that has exposed personal and sensitive information of an estimated 49 million global customers. The computer giant first alerted customers on May 9th that an unauthorized party had gained access to a Dell system containing restricted customer data related to product purchases.
The Federal Trade Commission has finalized a settlement order against Blackbaud Inc. over allegations that lax security practices at the cloud software company led to a massive data breach in 2020 exposing millions of people's personal information.
The Securities and Exchange Commission has adopted amendments to Regulation S-P aimed at strengthening protections for consumers' personal financial information held by broker-dealers, investment companies, registered investment advisers, and transfer agents.
Nissan Motor Corporation has revealed that a recent cybersecurity breach has exposed the Social Security Numbers (SSNs) of thousands of its employees. The company disclosed the breach in a letter sent to affected employees yesterday, outlining the measures being taken to address the situation and offering support to mitigate potential impacts.
Ascension, one of the largest nonprofit health systems in the United States, is dealing with significant disruptions after detecting a cybersecurity incident this week. The Catholic health care organization, which operates 140 hospitals across 19 states and Washington D.C., announced on Wednesday that it had identified "unusual activity" impacting some of its technology network systems.
Finland's data protection authority has imposed an €856,000 fine on e-commerce company Verkkokauppa.com for violating the GDPR by failing to define retention periods for customer account data and requiring users to register accounts to make online purchases.
Hellenic Post Services S.A. (ELTA S.A.), a prominent postal service provider in Greece, has been fined by the Hellenic Supervisory Authority (SA) for failing to implement adequate technical and organizational measures, leading to unauthorized access by third parties and subsequent data breaches. The final decision, issued on February 28, 2024, highlights critical lapses in compliance with GDPR principles regarding the integrity and confidentiality of personal data and the security of processing.