Advocacy Group Files GDPR Complaint Against X Over AI Data Use

Austrian advocacy group NOYB filed complaints against X (formerly Twitter), alleging the platform unlawfully trained AI using personal data without user consent, violating EU privacy law. The complaints target multiple EU regulators, pressuring Ireland’s Data Protection Commission (DPC), which is leading the investigation. X agreed to halt AI training using personal data collected without consent but is criticized for delayed compliance. NOYB aims to ensure X adheres to EU laws requiring explicit user consent for such practices. Read more

Massive Data Leak Puts Personal Information of Billions at Risk

A data breach affecting 2.9 billion records from National Public Data was reportedly released by a hacker group on an online marketplace, exposing sensitive information including Social Security numbers. The breach, initially offered for $3.5 million, now poses risks for identity theft and fraud. The lawsuit and breach investigation highlight growing concerns about how personal data is protected, with experts urging stronger personal cybersecurity measures like credit freezes, two-factor authentication, and secure password management. Read more

Columbus Data Breach Exposes Sensitive City Records on Dark Web

The City of Columbus is investigating a ransomware attack that led to the leak of sensitive data, including Social Security numbers and city records, now available on the dark web. Cybersecurity expert David Ross Jr. discovered nearly half a million entries, including personal details from driver's license scans and data on crime victims. Despite initial assurances that the stolen data was unusable, city officials are reassessing and engaging with federal authorities to address the breach and protect residents. Read more

Acadian Ambulance Faces Consolidated Class Actions Over Data Breach

Eight class-action lawsuits against Acadian Ambulance, linked to a June data breach, have been consolidated by a U.S. magistrate judge. The lawsuits claim the Daixin Team accessed patient data, including names, Social Security numbers, and medical information. The hackers reportedly demanded a $7 million ransom, which Acadian declined. The company maintains that the breach impacted fewer individuals than claimed and continues investigating. The consolidated case will address all related future lawsuits. Read more

T-Mobile Fined $60 Million by CFIUS for Breach of Mitigation Agreement

T-Mobile has been fined $60 million by the Committee on Foreign Investment in the U.S. (CFIUS) for failing to adhere to a mitigation agreement after its Sprint acquisition in 2020. The penalty stems from unauthorized data access in 2020-2021 due to technical issues during the Sprint integration. The CFIUS highlighted this enforcement as a move to strengthen compliance. The committee, focused on national security, has increased penalties significantly in recent years. T-Mobile is currently pursuing a $4.4 billion acquisition of U.S. Cellular. Read more