The Computer and Communications Industry Association (CCIA) raised privacy concerns with proposed rules in Missouri that would alter how content is moderated online. In comments to the Missouri attorney general on Wednesday, the association argued the rules pose security risks to users and their data, force third parties to handle content moderation and violate the First Amendment.
Missouri's Iron County Medical Center, California's Regional Center of the East Bay and Texas' Winkler County Hospital District recently notified affected individuals of data breaches that may have impacted customers' personal information.
The National Institute of Standards and Technology should maintain a clear distinction between privacy and cybersecurity guidelines in its public draft document for device manufacturers, USTelecom said in comments to NIST on Monday.
Medical device company Compumedics USA may have suffered a breach that leaked personal information, including Social Security numbers among other things, a law firm investigating the incident said Friday. Multiple states also reported the breach recently.
Qantas confirmed that the personal information of 5.7 million customers was compromised in a cyberattack last week. In an update Wednesday, the Australian airline said its investigation showed roughly 1.7 million had more than their name, email address and frequent-flyer details exposed.
It's likely that an unauthorized party stole data during a June 24 tech outage that disrupted some of Columbia University's IT systems, the school said in an update Wednesday.
The Dutch conglomerate behind Giant and several other American supermarket brands on Thursday notified consumers of a November data breach, when an unauthorized party accessed its network. Ahold Delhaize USA Services said the breach potentially exposed the personal information of more than two million people. Maine's attorney general office also reported the breach, saying that 95,463 state residents were affected.
AT&T's proposed $177 million settlement stemming from 2019 and 2024 data breaches shows that multifactor authentication isn't optional, cybersecurity expert Joe Vadakkan wrote last week. In the 2024 incident, hackers penetrated AT&T's Snowflake cloud system using credentials that didn't have MFA and made off with customers' call and text metadata, he said. "Weak credential protections" made the hack possible, he added. "Supply chain vigilance is critical," as the Snowflake breach came via "internal compromises." The settlement received preliminary approval in U.S. District Court earlier this month.
McLaren Health Care on Friday notified customers of a data breach in its computer systems last summer that may have exposed the personal data of 743,131 people.
Remote patient monitoring company Smart Meter warned the public of the privacy and security risks associated with connected medical devices, whose sensitive personal data could be routed to China and other adversarial countries.