Privacy, Governance, Risk and Compliance

TikTok hit with nearly $367M penalty for children’s data privacy violations

SC StaffSeptember 18, 2023

TikTok has been imposed an almost $367 million fine by Ireland's Data Protection Commission over the management of children's data privacy that was adherent to Europe's General Data Protection Regulation laws, reports The Verge. Aside from discovering that TikTok made children's accounts public by default, allowing access to comments, Stitch, and duets functionality, the DPC also noted that the video sharing app's "Family Pairing" functionality was not able to ensure that children's accounts were only connected with the accounts of their parents or guardians. TikTok's age verification process also failed to ensure that youths younger than 13 were not able to access the app, according to the IDC probe. The IDC has given TikTok three months to comply with GDPR rules. TikTok's penalty comes a year after Meta was given an over $400 million fine for failing to restrict teen users from creating business profiles and making contact details public on Instagram.

SC Staff

Ransomware

MOVEit hack impacts Ontario child registry data

SC StaffSeptember 27, 2023

Ontario's perinatal, newborn, and child registry Better Outcomes Registry & Network had sensitive data from nearly 3.4 million individuals compromised in late May as a result of the widespread MOVEit hack conducted by the Cl0p ransomware operation, reports BleepingComputer.

Cloud Security

Cyberattack compromises Progressive Leasing data

SC StaffSeptember 26, 2023

Major U.S. consumer product leasing firm Progressive Leasing has disclosed that some of its systems have been impacted by a cyberattack that resulted in the significant compromise of personally identifiable information belonging to its customers and other individuals, according to The Record, a news site by cybersecurity firm Recorded Future.

Incident Response

T-Mobile refutes employee data breach

SC StaffSeptember 25, 2023

T-Mobile has denied being impacted by a cyberattack in April that compromised employee information after VX-Underground reported that it had been notified by threat actors of the attack, which occurred immediately after the telecommunications provider was breached in March, according to The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news