U.S. District Judge David Carter ruled the Justice Dept.'s demand for voter roll data would trample on Californians' privacy rights

Chrome extensions called "Phantom Shuttle" stole user data for years before Google removed them from the Chrome Web Store after researchers exposed the malicious tools.

This blog post is the latest installment in a series focused on the DOJ’s Bulk Sensitive Data Rule, and is intended to help stakeholders navigate the complex rule’s requirements and move toward full compliance.

The investigation is wrapped up, and found approximately 750,000 Canadian investors have had sensitive data exposed by the hackers, including dates of birth, phone numbers, annual income, social insurance numbers, government issued ID numbers, investment account numbers and account statements.

You have a responsibility to your customers and your business to keep all sensitive data secure. Here are 17 best practices to secure your information.

Epic Systems and several healthcare providers have sued Health Gorilla and other companies, alleging they exploited interoperability networks to improperly access and monetize nearly 300,000 patient medical records without consent.

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.

Public WiFi can expose sensitive personal and financial data if you log into accounts, enter passwords, or connect without basic security protections.

President Trump posted jobs figures on Thursday ahead of their official publication by the Department of Labor.

A new US Department of Justice (DOJ) rule on “Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern (including China) or Covered Persons” (rule) prohibits and restricts certain covered data transactions ...

The Reprompt Copilot attack bypassed the LLMs data leak protections, leading to stealth information exfiltration after the chat was closed