Loraine Centeno reports: McDonald’s just got a supersized reminder to beef up its digital security after its recruitment platform allegedly exposed the sensitive data of 64 million applicants. Security researchers Ian Carrol and Sam Curry, known for their work in vulnerability investigations and ethical hacking, recently revealed a major flaw in McDonald’s new McHire recruitment…
Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
On December 6, 2023, the Medusa Blog added ACCU Reference Medical Laboratory to their leak site with some screenshots as proof of claims. Claiming to have 1.2 TB of data, Medusa demanded $1 million to delete or download the data. When no payment was forthcoming, they leaked the data on their website and Telegram channel…
Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
[Google machine translation of notice on government site:] Public Announcement (Data Breach Notification) – Louis Vuitton Çantacılık Ticaret Anonim Şirketi As is known, Article 12, paragraph (5) of the Law on the Protection of Personal Data No. 6698, titled “Obligations regarding data security,” stipulates that “If processed personal data is obtained by others through illegal…
Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
Swati Nair reports: Infosys announced that its subsidiary, Infosys McCamish Systems (IMS), has reached an agreement with the US State of Vermont’s Department of Financial Regulation (DFR). This agreement, known as a stipulation and consent order, resolves issues related to a cyber incident without requiring a hearing. IMS is obligated to pay a USD 125,000…
Obligations under Canada’s data breach notification law
Chiara Trinidad writes: What laws govern data breach in Canada? Data breach notification law is governed by the Personal Information and Electronic Documents Act (PIPEDA). This federal law regulates the handling of personal information during commercial transactions. This includes the collection, use, and disclosure of personal data. By extension, this also includes the storage of…
German court offers EUR 5000 compensation for data breaches caused by Meta
Aurora Munteanu reports: The Leipzig District Court has awarded Facebook users EUR 5000 in compensation for data protection violations from Meta’s Business Tools. This marks a significant precedent in European privacy enforcement. The German court offered the judgment on July 4th, 2025, finding that Meta Platforms Ireland Limited breached the General Data Protection Regulation through its extensive tracking…