New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state's cybersecurity regulations, leading to a 2022 data breach. [...]

The Federal Trade Commission (FTC) has announced action against General Motors (GM) and its subsidiary, OnStar, for unlawful collection and sale of drivers' precise geolocation and driving behavior data without first obtaining their consent. [...]

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. [...]

Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to hackers. [...]

The Federal Trade Commission (FTC) is distributing over $72 million in Epic Game Fortnite refunds for the company's use of dark patterns to trick players into making unwanted purchases. [...]

An international law enforcement operation codenamed 'Operation Passionflower' has shut down MATRIX, an encrypted messaging platform used by cybercriminals to coordinate illegal activities while evading police. [...]

South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser's request. [...]

An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. [...]

An international law enforcement operation led to the arrest of one of the three administrators of the dual dark web market 'Bohemia/Cannabia,' known for hosting ads for drug sales and distributed denial of service (DDoS) attacks. [...]

A 21-year-old man from Indiana named Evan Frederick Light pleaded guilty to stealing $37,704,560 worth of cryptocurrency from 571 victims in a 2022 cyberattack. [...]

Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to 2023. [...]

The U.S. Securities and Exchange Commission (SEC) charged Robert B. Westbrook, a U.K. citizen, with hacking into the computer systems of five U.S. public companies to access confidential earnings information and conduct insider trading. [...]

The U.S. government has indicted a co-owner of a Minnesota IT company for his participation in an international conspiracy to sell forged license keys for networking devices. [...]

The Data Protection Commission (DPC) in Ireland has fined Meta Platforms Ireland Limited (MPIL) €91 million ($100 million) for storing in plaintext passwords of hundreds of millions of users. [...]

The U.S. Department of Justice (DoJ) has announced charges against two Russian nationals for operating billion-dollar money laundering services for cybercriminals, including ransomware groups. [...]

WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. [...]

The FBI says that 2023 was a record year for cryptocurrency fraud, with total losses exceeding $5.6 billion, based on nearly 70,000 reports received through the Internet Crime Complaint Center (IC3). [...]

The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) on Clearview AI for unlawful data collection using facial recognition, including photos of Dutch citizens. [...]

The Federal Trade Commission (FTC) requires security camera vendor Verkada to create a comprehensive information security program as part of a settlement after multiple security failures enabled hackers to access live video feeds from internet-connected cameras. [...]