Top news: Utah’s new consumer privacy law, Klarna Bank fined for GDPR violations, and more


Utah enacts Consumer Privacy Act

The Utah Consumer Privacy Act (UCPA) was signed into law, making it the fourth US state to have an omnibus consumer privacy law. The UCPA is modeled after Virginia’s Consumer Data Protection Act and will go into effect on December 31, 2023. Read More


ICO fines company for sending spam text messages

The Information Commissioner’s Office (ICO) imposed a fine of £80,000 on H&L Business Consulting for sending unsolicited text messages to individuals without receiving consent. The messages were sent between January 2020 and July 2020, resulting in more than 300 complaints. Read More


Apple, Meta misled into sharing user data

Apple and Meta have been found to have shared customer data with hackers posing as law enforcement authorities. The companies provided details like address, phone number and IP address in response to forged emergency data requests by the hackers. Read More


Klarna Bank fined for GDPR violations

The Swedish Privacy Protection Authority (IMY) issued a fine of 7.5 million kronor against Klarna Bank for failing to comply with several rules of the GDPR. During the review, the company continuously changed the information provided about how it handles personal data. It also provided incomplete and misleading information about the recipient of different categories of personal data when data was shared with Swedish and foreign credit reference authorities. Read More


Nestlé denies cyber attack

After hacker group Anonymous’ claim of a cyber, Nestlé has denied the reports and stated that the data was in fact accidentally leaked by the company itself. The data consisted of purchase orders and email addresses of Nestlé staff and some of its suppliers. Read More


Researchers find Honda bug that can unlock cars

Researchers have discovered a vulnerability in the remote keyless system of select Honda and Acura car models that allows an attacker in the vicinity to unlock the car and even start the engine from a short distance. The vulnerability is that the unencrypted radio frequency (RF) signal can be intercepted by a man-in-the-middle position and can be used to perform the same actions on the vehicle as the owner. Read More