• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

UK

UK Data Protection Regulator Fines 23andMe ~$3.1 Million Following Credential Stuffing Attack

July 2, 2025 By Hanna Hewitt and Kelly Hagedorn

On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK users. The penalty followed a joint investigation with the Office of the Privacy Commissioner of Canada, highlighting  how regulators are […]

Filed Under: Cybersecurity, Data Breach, Security Breach, UK Tagged With: Data breach, ICO, security, UK, UK Cybersecurity

UK Publishes Software Security Code

May 15, 2025 By Hanna Hewitt and Kelly Hagedorn

Cyber security supply chain risks are growing, and attacks on vendors and other third parties cause severe disruption to businesses. For example, in recent years we have seen many incidents that have involved threat actors compromising third-party software used by a significant number of customers. With that background, on May 7, 2025, the National Cyber […]

Filed Under: Cybersecurity, Data Security, International, Supply Chain, UK, Uncategorized Tagged With: Cyber resilience, Supply Chain, UK

UK Unveils Post-Brexit Data Plans with an Emphasis on International Transfers of Personal Data

August 26, 2021 By Paul Greaves

Today, the UK Department of Digital, Culture, Media and Sport (“DCMS”) has made a series of announcements shedding light on the UK’s post-Brexit data strategy. The announcements – which emphasize the importance of international transfers of personal data to global trade – include as follows: A Press Release, providing an overview of the UK government’s […]

Filed Under: Data Protection, GDPR, International, Privacy Tagged With: EU Data Protection, International Data Transfers, UK, UK data protection

UK ICO publishes the final version of its Age Appropriate Design Code

February 6, 2020 By Paul Greaves and Wim Nauwelaerts

On January 21, 2020, the UK ICO published the final version of its Age Appropriate Design Code (the “Design Code”), which sets out 15 standards that online services should meet to protect children’s privacy. The Design Code is not only applicable to online services squarely aimed at children, but also covers online services likely to […]

Filed Under: Behavioral Advertising, Children's Privacy, Data Protection, ePrivacy, GDPR, Online Privacy Tagged With: Behavioral Tracking, Big Data, Children, EU Data Protection, EU Privacy, GDPR, ICO, Social Media, UK

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
  • UK Data Protection Regulator Fines 23andMe ~$3.1 Million Following Credential Stuffing Attack
  • NYDFS Issues Guidance on Heightened Cybersecurity and Sanctions Risk from Global Conflict
  • Are You Ready For The Department Of Justice’s Bulk Data Transfer Rule?
  • Trump Administration Releases Cyber Executive Order Revealing Renewed Strategy for U.S. Cybersecurity
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website. OkCookie policy