Legal
Spain arrests suspected hacker of US and Spanish military agencies
The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities. Spanish media reports that the suspect was brought before a court and subsequently released after having his passport confiscated to prevent him […]
KuCoin to pay nearly $300 million in penalties after guilty plea
KuCoin’s operator, PEKEN Global Limited, pleaded guilty to operating an unlicensed money-transmitting business and agreed to pay $297 million in penalties to settle charges in the U.S. The cryptocurrency exchange was charged in March 2024 for its failure to implement the required anti-money laundering (AML) requirements, allowing cybercriminals to use the platform to launder their proceeds. According […]
PayPal to pay $2 million settlement over 2022 data breach
New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state’s cybersecurity regulations, leading to a 2022 data breach. The Department of Financial Services (DFS) action says that threat actors took advantage of security gaps in PayPal’s systems to conduct credential stuffing attacks that provided access to sensitive […]
FTC orders GM to stop collecting and selling driver’s data
The Federal Trade Commission (FTC) is taking action against General Motors (GM) and its subsidiary, OnStar, for unlawful collection and selling drivers’ precise geolocation and driving behavior data from millions of vehicles. The U.S. government organization proposes a settlement in which the automotive giant will be barred from sharing drivers’ sensitive data for five years. The car […]
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic […]
GDPR complaints filed against TikTok, Temu for sending user data to China
Non-profit privacy advocacy group “None of Your Business” (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi, for unlawfully transferring European user’s data to China and infringing European Union’s general data protection regulation (GDPR). Founded by Austrian privacy activist Max Schrems, NOYB works through legal action against companies that violate users’ privacy rights, particularly in […]
Wolf Haldenstein law firm says 3.5 million impacted by data breach
Wolf Haldenstein Adler Freeman & Herz LLP (“Wolf Haldenstein”) reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to hackers. The incident took place on December 13, 2023, but the firm says data analysis and digital forensic complications severely delayed the completion of its investigation. Last Friday, […]
Allstate car insurer sued for tracking drivers without permission
Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its data subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million Americans. The two companies are accused of paying millions of dollars to app developers to embed tracking code in widely used mobile apps to gather the location […]
Pastor who saw crypto project in his “dream” indicted for fraud
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions between 2021 and 2023. The US Department of Justice says the pastor, Francier Obando Pinillo, 51, used his position to recruit investors into a fraudulent cryptocurrency venture called “Solano Fi,” which […]
Telegram hands over data on thousands of users to US law enforcement
Telegram reveals that the communications platform has fulfilled 900 U.S. government requests, sharing the phone number or IP address information of 2,253 users with law enforcement. This number is a steep increase from previous years, with most requests processed after the platform’s policy shift on sharing user data, announced in September 2024. While Telegram has long been […]