Top News | Christie's Auction House Hacked, Client Data Compromised; Apple to Unveil Confidential Computing AI Strategy at WWDC and more
COPPA 2.0 Gains Momentum Amidst Legislative Debate
The Children's Online Privacy Protection Act (COPPA) is set for updates with the proposed COPPA 2.0, expanding protections to teens and revising consent standards. COPPA 2.0 advanced unanimously from the Senate Commerce Committee and now has a House companion bill. Concurrently, the American Privacy Rights Act (APRA) draft proposes changes that exclude teens from COPPA’s scope, creating tension with COPPA 2.0. Family advocates express concerns over APRA’s potential to weaken current child privacy protections. The legislative process continues to refine these proposals for future youth privacy regulations. Read more
Christie's Auction House Hacked, Client Data Compromised
Christie's auction house confirmed a cyberattack by ransomware group RansomHub, potentially linked to Russia, compromising data of 500,000 clients. On May 9, Christie's took down its website ahead of key New York auctions due to a "technology security incident," with the site offline for 10 days. RansomHub claims to possess sensitive client information, including names and nationalities. Christie's spokesman stated that limited personal data was accessed, but no financial records were compromised. Privacy regulators and affected clients are being notified as investigations continue. Read more
Apple to Unveil Confidential Computing AI Strategy at WWDC
At WWDC, Apple will introduce its AI strategy for iOS 18 and other systems, combining on-device and server processing. Apple aims to address privacy concerns by using confidential computing techniques, allowing "black box processing." This method keeps user data private even during server processing, leveraging Secure Enclave technology. Despite potential vulnerabilities from physical server access, the approach ensures high security, limiting data access even under legal subpoenas. The initiative, in development for over three years, might eventually support lightweight wearables by offloading processing to Apple's backend. More details will be revealed at WWDC on June 10. Read more
FCC Proposes $2 Million Fine Against Lingo Telecom for Robocall Violations
On May 28, 2024, the FCC proposed a $2 million fine against Lingo Telecom for violating FCC rules following an investigation into robocalls before the New Hampshire primary. The robocalls featured deepfake audio of President Biden urging voters not to vote. Lingo Telecom, identified as the originating provider, failed to implement the STIR/SHAKEN authentication framework. The FCC coordinated with the New Hampshire AG, DoJ, and other organizations for the investigation. Lingo Telecom can respond before further action is taken. Read more
Johnson & Johnson Data Breach Linked to Cencora Incident
Johnson & Johnson announced a data breach linked to Cencora's Lash Group, affecting approximately 175,000 Texans, with the total number of victims potentially much higher. The breach compromised patient information, including names, addresses, medical details, and birthdates. The incident is part of a larger breach discovered in February, involving over a dozen pharmaceutical companies, including major firms like Bristol Myers Squibb and Regeneron Pharmaceuticals. Affected individuals have been notified, and free credit monitoring is being offered. The full impact of the breach is still under assessment, with no identified perpetrator. Read more
Commenti