Hyundai is warning customers after a newly confirmed data breach may have exposed the personal information of up to 2.7 million drivers. The breach, traced to Hyundai AutoEver, leaked sensitive data including names, driver’s license numbers, and Social Security numbers. Although the attack happened in February, a months-long investigation means affected customers are only being notified now. Hyundai has brought in cybersecurity experts and is offering two years of free credit

Apple has issued a security alert, urging all users to update their devices immediately. A recently discovered vulnerability could allow hackers or third parties to access locked devices, bypass passcodes, and extract sensitive data. The update is available for iPhone XS and later, several iPad models, Apple Watch, and Macs, fixing the CVE-2025-24200 flaw. The issue affects USB Restricted Mode, originally designed to prevent tools like “GrayKey” from accessing private data. W

Amazon has lost its appeal against a record €746 million ($812M) fine imposed by Luxembourg’s privacy regulator (CNPD) for violating EU GDPR rules. The court sided with the CNPD, which had penalized Amazon for improperly processing personal data. While Amazon is considering further appeals, the ruling underscores Europe’s strict approach to data protection and its willingness to enforce the GDPR at the highest levels. The CNPD also included measures for Amazon to remedy the d

Ireland’s Data Protection Commission (DPC) has fined TikTok €530 million for failing to ensure that European user data transferred to China was protected from access by Chinese authorities. The investigation revealed that TikTok provided misleading information to the DPC and failed to demonstrate that data sent to China would have protection levels equivalent to GDPR standards. While TikTok claims it never shared data with the Chinese government, the DPC found that data was r

Recent court decisions in Germany and at the European General Court are challenging the traditional interpretation of GDPR compensation. Historically, under Art. 82 GDPR, data subjects could only claim damages if they proved actual harm resulting from a GDPR violation. However, recent cases—like Junghans v. Meta and Bindl v. European Commission—suggest that a mere loss of control over personal data or uncertainty about its processing can now qualify as non-material damages, e

The European Commission is preparing changes to the General Data Protection Regulation (GDPR) aimed at reducing administrative burdens for small and medium-sized enterprises (SMEs), while maintaining strong privacy protections. Proposed adjustments may include simplifying data registration requirements for companies with fewer than 500 employees.   The initiative responds to concerns that the current GDPR framework increases compliance costs, creates legal uncertainty due to