A KDDI data breach has put up to 14.2 million ISP email logins at risk across Japan

UK businesses fear stigma of ransomware

Alex Scroxton reports: Fear of stigmatisation is likely leading businesses across the UK to drastically underreport data on ransomware attacks, especially when they have paid a ransom to a cyber criminal gang, as admission of such is often seen as supporting further criminal activity or defying compliance regulations. Data gleaned from the national Report Fraud service – which... Source

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

Central Bank of Libya investigates alleged data leak after cyberattack

SafaAlharathy reports: Libya’s central bank (CBL) says it is investigating data published on the dark web following a recent cyberattack. In a statement, the bank said its technical teams, working with international experts, were analysing the data to determine its nature and whether it is linked to the attack reported earlier this month. The bank... Source

Who should care: Cybersecurity · Privacy officers · Administrators

ZA: Copying the wrong person on an email could be considered a data breach in South Africa

A South African regulatory enforcement action against a technical college has clarified that accidentally sending an email to the wrong recipient can constitute a reportable data breach under POPIA, the country's data protection law. Legal experts say the ruling establishes that unintentional internal disclosures of personal information carry the same mandatory reporting obligations as deliberate breaches.

Why this matters: The ruling reinforces that individuals' personal data warrants protection even from inadvertent exposure, not just malicious actors. Organizations must now treat routine human error with the same rigor as cyberattacks, potentially strengthening everyday data hygiene around how personal information is handled and shared.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · General readers · Policy

Red, white and glowing blue: Trump's push for new reactors reaches the finish line

A program initiated by the Trump administration has allowed small companies to rush their testing of several new nuclear reactor designs. Some worry that safety is being compromised.

Who should care: Cybersecurity · Privacy officers · Administrators

Data breach exposes up to 14.2 million email logins at six ISPs

Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. [...]

Who should care: Cybersecurity · Privacy officers · Administrators

AssuranceAmerica breach may have affected more than 1.1 million people in seven states

Krys Shahin and Christopher Buchanan report: State officials are warning at least 1.1 million people across seven states may be impacted by an AssuranceAmerica data breach. Notices about the breach were sent to California, Massachusetts, Nebraska, South Carolina, Texas, Vermont, and Washington residents Friday. AssuranceAmerica Managing General Agency, LLC, said they detected “suspicious activity” on... Source

Who should care: Cybersecurity · Privacy officers · Administrators