IT Security & Privacy

Hellenic Post Services S.A. (ELTA S.A.), a prominent postal service provider in Greece, has been fined by the Hellenic Supervisory Authority (SA) for failing to implement adequate technical and organizational measures, leading to unauthorized access by third parties and subsequent data breaches. The final decision, issued on February 28, 2024, highlights critical lapses in compliance with GDPR principles regarding the integrity and confidentiality of personal data and the security of processing.

Insight Global LLC, a prominent staffing firm headquartered in Atlanta, has reached a $2.7 million settlement to resolve allegations of violating the False Claims Act due to inadequate cybersecurity measures during COVID-19 contact tracing efforts. The settlement, announced by the Department of Justice (DOJ), marks a significant step in ensuring government contractors fulfill their cybersecurity obligations, particularly in handling sensitive health information.

Kaiser Permanente, one of the nation's largest not-for-profit health plans, has disclosed a major data breach impacting the personal information of 13.4 million members.

OpenAI, the company behind the wildly popular AI chatbot ChatGPT, is facing a privacy complaint in Austria over alleged violations of the European Union's General Data Protection Regulation (GDPR).

The cybersecurity landscape is a battleground, and state and local governments find themselves on the frontlines. Cyber threats loom larger than ever, escalating in frequency and sophistication as we progress through 2024. While high-profile breaches often dominate headlines, state and local agencies are not exempt from the relentless barrage of attacks aimed at compromising sensitive citizen data and disrupting critical operations. This pivotal moment demands decisive action to fortify data privacy and security measures.

The Czech data protection authority imposed a whopping 351 million CZK fine on Avast Software, a cybersecurity firm, for unlawfully sharing personal data of millions of its antivirus users with a subsidiary company.

The recent malicious cyberattack on Change Healthcare, a major provider of revenue cycle management and data solutions for the healthcare industry, has brought significant compliance risks and challenges to UnitedHealth Group, the parent company of Change Healthcare.