????? FILED Headlines: 122 million hit by data aggregator hack; Delta, Amazon and more have employee data leaked; and hacking groups are teaming up!?

Hi there,?

Welcome to FILED Headlines, the weekly edition of the FILED Newsletter focused on the latest, most essential news from the intersection of data privacy, data security, and governance.? This week:?

• Data aggregator DemandScience reveals a hack affecting 122 million people. The cause? Legacy systems?

• What’s worse than one hacking group attacking your organization? Two hacking groups attacking your organization?

• The FCC is partnering with US state attorneys general and the CPPA?

??? Privacy & governance??

The Federal Communications Commission is focusing on cybersecurity through expanded government partnerships, partnering with state attorneys general, along with the California Privacy Protection Agency.?

A draft of the contentious United Nations Cybercrime Convention was approved on Monday, as it heads to a vote in the General Assembly next month. Critics of the resolution – including dozens of countries, technology companies, and human rights groups – worry about the potential use of the treaty to justify surveillance, human rights violations, and abuse of privacy.?

A reminder: if you use tracking pixels and your business is subject to the Australian Privacy Act, you need to ensure you have a lawful basis for collecting that data.?

Australia's Credential Protection Register has foiled some 500,000 attempts by fraudsters to verify stolen credentials since it was set up in the wake of the 2022 Optus data breach.?

?? Security?

??Breaches?

One breaks in and steals information, the other encrypts it and demands payment – two hacking groups have been recently observed working together to infect a victim.?

122 million people have had their data exposed due to a breach at data aggregator DemandScience. The breach appears to be via a decommissioned system.?

Delta, Amazon, McDonald’s, HSBC, and more have had employee data leaked by a threat actor using the moniker Nam3L3ss, who says they sourced the data through a MOVEit vulnerability in May 2023.?

57 million customers of US retail chain Hot Topic have been informed that their data may have been compromised in an alleged cyberattack.?

Employee eligibility verification solutions provider Form I-9 Compliance suffered a data breach impacting 190,000 people.??

Germany is warning of potential cyber threats by Russia as it approaches its snap election.?

Mac users in the crypto industry are being targeted with malware by suspected North Korean hackers after their funds.?

The U.S. deputy national security adviser for cyber and emerging technologies is urging President-elect Donald Trump to focus on ransomware and China.?

????Legal cases & breach fallout?

A US plastic surgery practice agreed to pay a $500,000 HIPAA settlement following a ransomware attack.?

Iranian hackers are targeting the aerospace industry, using fake job offers with the goal of infecting systems with malware.?

Idaho man sentenced to 10 years in prison after hacking nearly two dozen entities in the US, and stealing information from more than 132,000 people.?

?? The latest from RecordPoint?

?? Read:??

With US president-elect Donald Trump signaling a lighter regulatory approach, should businesses still invest in privacy and AI governance??

Any organization investing in GenAI needs to balance its productivity gains with the risk. To really reap the benefits of the technology, it must be trustworthy. Learn the elements of trustworthy AI and how to apply them in your organization.?

?? Listen:?

We’re closing in on the finale of season two of FILED, so we thought it may be worthwhile revisiting the finale from last season, where Anthony and Kris show off their favorite moments from FILED Season One.?

That's all from us for this edition of FILED Headlines. We'll be back with more headlines next week. If you'd like more FILED in your inbox or your headphones, subscribe to the monthly newsletter and podcast on the RecordPoint website and check out the full archive for both while you're at it.?