data privacy
-
Rituals discloses data breach affecting My Rituals members
Rituals said attackers stole personal information from its My Rituals membership database, affecting an undisclosed number of customers. The company said passwords and payment information were not accessed and that it has contained the breach.
-
FBI warns Americans about data risks from Chinese mobile apps
The FBI warned Americans about privacy and data security risks from foreign-developed mobile apps, especially those made by Chinese developers, saying some can collect extensive data and store it on servers in China.
-
Security analysis finds vulnerabilities in popular mental health apps on Google Play
A technical analysis by Oversecured found vulnerabilities in popular Android mental health apps that can expose conversation histories and mood data. Affected apps have tens of millions of combined downloads and the flaws remain unpatched.
-
Law firm sues Lenovo over alleged bulk transfer of US data to China
A law firm filed a class action accusing Lenovo of exposing 100,000 or more US consumers’ data to Chinese entities via website trackers. The suit seeks class action relief, restitution, disgorgement and statutory damages.
-
Italy fines Apple €98.6 million over App Tracking Transparency practices
Italy’s competition authority fined Apple €98.6 million, saying App Tracking Transparency exempted Apple apps and forced developers into a burdensome double-consent process; Apple plans to appeal.
-
University of Sydney says coding repository breach exposed personal data of more than 27,000
The University of Sydney said an online coding repository was breached, exposing files with personal information for more than 27,000 current and former staff and students. The university blocked access, notified regulators, began notifying affected people and set up support services, but said there was no evidence the data has been published or misused.
-
Texas sues five TV makers over alleged secret collection of viewing data
Texas Attorney General Ken Paxton sued Sony, Samsung, LG, Hisense and TCL, alleging their smart TVs used Automated Content Recognition to capture and transmit viewing data without consent; Paxton’s office also warned of national security risks tied to China-based companies.
-
Global privacy laws strengthen rights but enforcement and outcomes remain uneven
A 35-year review by researchers at Dakota State University finds that global privacy laws have expanded rights and obligations but enforcement and measurable reductions in harm are uneven; the study highlights uneven fines and compliance rates, growing technology-driven pressures, cross-border uncertainty and the need for metrics to track outcomes.
-
Freedom Mobile discloses breach after subcontractor account used to access customer data
Freedom Mobile said attackers used a subcontractor’s account to access its customer account management platform, exposing names, addresses, dates of birth, phone numbers and account numbers; the company detected the breach on October 23 and has not disclosed the number of affected customers.
-
Meta gives researchers a WhatsApp Research Proxy and tightens anti-scraping protections
Meta has given selected bug bounty researchers access to a WhatsApp Research Proxy and launched a pilot to study platform abuse, while adding anti‑scraping protections after a public report showed how contact discovery could be abused to enumerate accounts at scale. Meta also patched a Unity‑related vulnerability affecting Quest devices and said it has paid…
