IT Security & Privacy

The Norwegian Data Protection Authority’s (DPA) has uncovered troubling breaches of personal data laws across six websites. These sites, all of which shared personal data without proper consent, are now facing the consequences of their actions. The DPA’s findings reveal that in some cases, sensitive personal information, including that of vulnerable children, was sent to third parties without users’ knowledge, a clear violation of GDPR.

In a move that reflects both urgency and foresight, the European Union has adopted a revised Cybersecurity Crisis Management Blueprint. The newly updated framework, approved by EU Member States at a recent Council meeting, aims to fortify the Union’s ability to handle large-scale cyber incidents and crises. It’s a response to a growing reality of cyber threats evolving faster than ever, and the Union needs a well-coordinated plan to face these challenges head-on.

Cybersecurity has never been more crucial than it is today. To keep pace with the increasing number of threats, the European Union is taking a bold step forward with the unveiling of the updated National Cybersecurity Strategies (NCSS) Interactive Map, a game-changing platform from the European Union Agency for Cybersecurity (ENISA). Think of it as your go-to hub for all things EU cybersecurity, offering not only valuable insights but a fresh perspective on how nations are building their digital defenses.

The Personal Information Protection Commission (PIPC), in collaboration with the Korea Internet & Security Agency (KISA), has announced the official launch of the Global Cross-Border Privacy Rules (Global CBPR) Certification System. Starting June 2, 2025, this new system will help businesses easily navigate the complex world of international data flows, allowing them to expand into global markets while prioritizing privacy.

‍Vodafone is facing a €45 million penalty after the Federal Commissioner for Data Protection and Freedom of Information (BfDI), led by Prof. Dr. Louisa Specht-Riemenschneider, uncovered several significant data protection shortcomings. These issues, ranging from security flaws in its online systems to fraud committed by partner agencies, have put the telecom giant under scrutiny. Here's a deeper dive into the details, the actions taken, and what this means for the company going forward.

Luxury fashion brand Cartier has confirmed a data breach after hackers gained unauthorized access to its systems, exposing a limited amount of customer information. The company issued a notification to affected customers, revealing that personal data, including names, email addresses, and countries of residence, had been compromised. However, Cartier assured that no more sensitive information, such as passwords or payment details, was exposed in the attack.

North Face has recently informed its customers of a breach that exposed personal information after a credential stuffing attack targeted their website, thenorthface.com. This marks the fourth time the company has faced such an attack, and while no payment card details were affected, this incident serves as another reminder of the risks we face in today’s interconnected world.