Cobun Zweifel-Keegan writes: In its most recent cybersecurity enforcement decision, the U.S. Federal Trade Commission announced a draft settlement agreement with the current and former operators of the customized merchandise website CafePress.com. Although the unanimous consent order focuses primarily on the company’s lax security practices, which allegedly led to multiple data breaches, there are also a few…
Category: Business Sector
Facebook fined $18.6M over string of 2018 breaches of EU’s GDPR
Natasha Lomas reports: Facebook’s parent company, Meta, has been fined €17 million (~$18.6 million) by the Irish Data Protection Commission (DPC) over a string of historical data breaches. The security lapses in question, which appear to have affected up to 30 million Facebook users, date back several years — and had been disclosed by Facebook…
FTC Takes Action Against CafePress for Data Breach Cover Up and Poor Security
The FTC has taken enforcement action against CafePress stemming, in part from a 2019 data breach previously reported on this site. In December, 2020, seven states settled charges with CafePress. The Federal Trade Commission today took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and…
Ireland’s privacy watchdog sued for inaction over ‘massive Google data breach’
Natasha Lomas reports: Ireland’s evasive response to a major security complaint filed against Google’s adtech the year the European Union’s General Data Protection Regulation (GDPR) came into application is the target of a new lawsuit — which accuses the Data Protection Commission (DPC) of years of inaction over what the complainants assert is “the largest…
The Human Factor in Data Security Breaches
Breaches involving the pharma sector may or may not involve patient data, but as we saw early on the pandemic, hitting the pharma sector when it is working on developing vaccines, testing vaccines, or distributing vaccines can have significant national and global health implications. Julian Upton reports: The pandemic’s exacerbation of the pharmaceutical industry’s exposure…
Ubisoft says it experienced a ‘cyber security incident’, LAPSUS$ group claims credit for attack
Jay Peters reports: Ubisoft experienced a “cyber security incident” last week that temporarily disrupted some games, systems, and services, the company reported Thursday. Ubisoft hasn’t said who might be responsible, but on Friday evening, the group who purportedly hacked Nvidia took credit. Ubisoft said it believes that “at this time there is no evidence any player…