UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
Privacy
Flok License Plate Surveillance
The company Flok is surveilling us as we drive:
A retired veteran named Lee Schmidt wanted to know how often Norfolk, Virginia’s 176 Flock Safety automated license-plate-reader cameras were tracking him. The answer, according to a U.S. District Court lawsuit filed in September, was more than four times a day, or 526 times from mid-February to early July. No, there’s no warrant out for Schmidt’s arrest, nor is there a warrant for Schmidt’s co-plaintiff, Crystal Arrington, whom the system tagged 849 times in roughly the same period.
You might think this sounds like it violates the Fourth Amendment, which protects American citizens from unreasonable searches and seizures without probable cause. Well, so does the American Civil Liberties Union. Norfolk, Virginia Judge Jamilah LeCruise also agrees, and in 2024 she ruled that plate-reader data obtained without a search warrant couldn’t be used against a defendant in a robbery case…
New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens
Researchers warn of Shuyal Stealer, malware that gathers browser logins, system details, and Discord tokens, then erases evidence via Telegram.
5 common GDPR mistakes – and how training can fix them
Most GDPR (General Data Protection Regulation) breaches arise from everyday slip-ups, such as missing DSAR (data subject access request) deadlines, picking the wrong lawful basis for processing, failing to enforce retention periods, keeping inadequate records or misreporting incidents. However, fall short of your compliance obligations – for whatever reason – and you face complaints, investigations, reputational harm, legal action and regulatory enforcement, including fines of up to £17.5 million under the UK GDPR or €20 million under the EU GDPR, or 4% of your annual global turnover – whichever is greater. This blog post sets out five common GDPR compliance
The post 5 common GDPR mistakes – and how training can fix them appeared first on IT Governance Blog.
Rainwalk Pet Insurance Exposes 158 GB of US Customer and Pet Data
A misconfigured database belonging to a pet insurance company, “Rainwalk Pet Insurance,” exposed sensitive PII and veterinary claim data. The data exposure reveals new fraud tactics, including microchip and reimbursement scams.
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security…
Renault UK Customer Records Stolen in Third-Party Breach
Renault UK warns customers of a third-party data breach exposing personal details, stressing vigilance against fraud and confirming no bank data lost.
$20 YoLink IoT Gateway Vulnerabilities Put Home Security at Risk
Four critical zero-day flaws found in the $20 YoLink Smart Hub allow remote physical access, threatening your home security. See the urgent steps you must take now.
WestJet Confirms Passenger IDs and Passports Stolen in Cyberattack
WestJet confirms a data breach starting June 13, 2025, stole passport/ID and personal data. Credit cards and passwords are safe. The airline offers 24 months of free identity monitoring, including $1M insurance.
Who Needs ISO 27001 Foundation Training?
ISO 27001 training isn’t just for auditors or security consultants. Indeed, many roles need baseline knowledge of the Standard. If you help to protect information, support audits or manage suppliers, you will benefit. Foundation training teaches you the structure of an ISMS (information security management system), the core requirements in ISO/IEC 27001:2022 and what the Annex A controls cover in practice. It’s short, accessible and accredited, you can study in person or online, and there’s an exam and a recognised certificate on completion. What the Foundation course covers Outcomes Who needs ISO 27001 Foundation training? 1. IT administrators moving into
The post Who Needs ISO 27001 Foundation Training? appeared first on IT Governance Blog.