Georgia Sweeting reports: The UK government has announced the full scope of its upcoming Cyber Security and Resilience Bill, which aims to strengthen the country’s digital defences and reduce the growing risks posed by cyber threats. Set to be introduced later this year, the bill will place tougher cybersecurity requirements on organisations that provide essential services,…
Category: Non-U.S.
China Regulator Proposes Amendments to Cybersecurity Law
Hunton Andrews Kurth writes: On March 28, 2025, the Cyberspace Administration of China issued draft amendments to China’s Cybersecurity Law (“Draft Amendment”) for public comment until April 27, 2025. The Draft Amendment aims to harmonize relevant provisions of the Personal Information Protection Law (“PIPL”), Data Security Law (“DSL”) and Law of Administrative Penalties, all of…
Former GCHQ intern admits top secret data breach risking national security
Here’s today’s reminder of the insider threat (well, this, and the fact that U.S. government officials continue to deny any problem with discussing attack plans on Signal). The Argus reports: A former GCHQ intern has admitted risking national security by taking top secret data home. Hasaan Arshad, 25, from Rochdale, Greater Manchester, pleaded guilty to…
Canada’s Privacy Commissioner launches breach risk self-assessment tool for organizations
March 26, 2025 – Gatineau, Quebec Privacy Commissioner of Canada Philippe Dufresne has launched a new online tool that will help businesses and federal institutions that experience a privacy breach to assess whether the breach is likely to create a real risk of significant harm to individuals. The privacy breach risk self-assessment tool is a convenient web-based application…
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion
The Personal Information Protection Commission (PIPC) held its seventh plenary meeting of 2025 and reached a decision to sanction Woori Card Co., Ltd. (Woori Card) for data breaches on March 26, 2025. Administrative sanctions by the PIPC are as follows: A penalty for violations (Gwajingguem) of KRW 13.45 billion; A publication order of sanction results…
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior
Connor Jones reports the latest update on the ransomware attack affecting Advanced Computer Software: The UK’s data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary’s security failings led to a ransomware attack affecting NHS care. This is nearly half the fine the Information Commissioner’s Office provisionally floated…