????? FILED Headlines: DeepSeek’s deep security issues; Keir Starmer’s personal email hacked; and Spyware company Paragon targeted WhatsApp users

Hi there,?

Welcome to FILED Headlines, the weekly edition of the FILED Newsletter focused on the latest, most essential news from the intersection of data privacy, data security, and governance.???

This week:?

• Researchers uncover deep security issues for AI model DeepSeek, as governments ban its use?

• Keir Starmer’s personal email hacked when he was in opposition?

• And spyware company Paragon targeted WhatsApp users, the social media platform alleges?

??? Privacy & governance??

Elon Musk's and his Department of Government Efficiency’s early moves have violated the Privacy Act and cybersecurity laws, according to legal experts.??

Meanwhile, the Treasury Department has agreed to temporarily block all but two members of the DOGE team from accessing sensitive payment records and to limit their access to “read-only,” according to a court filing.?

MasterCard has a plan to eliminate credit card numbers by 2030, in an attempt to limit identity theft and cybercrime. ?

The New South Wales Chief Justice has relaxed a ban on generative AI in NSW courts.?

2024 saw a year-over-year decrease in fines assessed by EU privacy regulators.

?? Security?

??Breaches?

Security researchers discovered a publicly accessible database for AI model DeepSeek, exposing the sensitive records of over one million users. Security researchers discovered the data exposure, which allowed for full database control and potential privilege escalation within the DeepSeek environment.?

Russia suspected of compromising UK Prime Minister Keir Starmer's personal email account. The suspected hack, which occurred while he was a member of the opposition party, also apparently came when he had not enabled two-factor authentication.?

Spyware company Paragon targeted WhatsApp users with zero-click malware, according to the platform, which has sent the company a cease-and-desist letter.?

IntelBroker claims a third data leak of Hewlett Packard Enterprise.?

Connecticut-based health center Community Health Center (CHC) has revealed that it fell victim to a data breach following a cyberattack at the beginning of this year, with one million customers impacted.?

Kazakhstan will audit its Foreign Ministry following a major cyberattack that researchers suspect may be linked to Russia-backed hackers.?

Delivery service Grubhub said a hacker stole personal data and payment card information from customers via a third-party contractor.???

????Legal cases & breach fallout?

DeepSeek bans: The Australian government has banned DeepSeek from government devices due to privacy and security concerns. Most Australian states and territories have followed suit and US lawmakers are pushing for a ban of their own.?

And as well as data leaks, AI model DeepSeek is vulnerable to jailbreaks.?

Cybersecurity regulations predictions for 2025.?

?? The latest from RecordPoint?

?? Read:??

Learn why and how better data visibility could help your organization improve efficiency and compliance.?

And – slightly more technical – understand what a database schema is, and how it should factor into your data governance practices.?

That's all from us for this edition of FILED Headlines. We'll be back with more headlines next week. If you'd like more FILED in your inbox or your headphones, subscribe to the monthly newsletter and podcast, and check out the full archive for both while you're at it.?

See you next week for plenty more FILED Headlines!?