According to recent reports issued by Microsoft and U.S. government agencies, hackers recently exploited a gap in Microsoft’s cloud environment, enabling the malicious actors to access the email accounts of employees at the United States Commerce and State Departments. Including the U.S. government, around 10 organizations were victimized in the U.S. and about 25 were […]
Uncategorized
Council of Europe Launches Model Contractual Clauses for Transfers of Personal Data
On June 16, 2023, the Council of Europe’s Committee of Convention 108+ (i.e., the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data) adopted Model Contractual Clauses for cross-border data flows (“MCCs”). The MCCs are intended to cover the transfers of personal data to countries that are not parties to […]
CL0P Ransomware Gang’s Exploitation of MOVEit Vulnerability: What It Means for Companies
On June 7, 2023, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Joint Cybersecurity Advisory in connection with a recent zero-day (or previously undetected) vulnerability in Progress Software’s managed file transfer software (MOVEit Transfer), exploited by the CL0P ransomware group. CL0P publicly claimed responsibility for exploiting the […]
California Privacy Protection Agency Approves CCPA Regulations
The California Privacy Protection Agency (CPPA) voted unanimously Friday to approve the newest version of the draft California Consumer Privacy Act (CCPA) regulations. These regulations are substantively the same as those considered by the CPPA Board during its October 2022 meeting. This vote marks the conclusion of a chapter that began in May 2022, when […]
California Attorney General Initiates New Investigative Sweep under the CCPA
The California Attorney General on Friday announced a new investigative sweep under the California Consumer Privacy Act (CCPA). The announcement marks the third year in a row in which the Attorney General’s office has initiated a significant enforcement or regulatory initiative on Data Privacy Day[1]. This year, Attorney General Bonta’s team is focusing on B2C […]