An Indian court has instructed insurer Star Health to assist Telegram in identifying chatbots responsible for leaking sensitive customer data through the messaging app. Star Health, the country’s largest insurer, sought the directive after a report revealed that a hacker leaked private information, including medical and tax documents, via Telegram chatbots.
Justice K Kumaresh Babu of the Madras High Court ordered Star Health to provide details on the chatbots so Telegram could delete them. Telegram’s legal representative, Thriyambak Kannan, stated that while the app can’t independently track data leaks, it will remove the chatbots if the insurer supplies specific information.
Star Health is facing a $68,000 ransom demand and has launched an investigation into the leak, which includes claims about potential involvement of its chief security officer. However, the insurer has found no evidence implicating the officer.
LinkedIn has been fined 310 million euros by European Union regulators for breaching the bloc’s strict data privacy rules. The penalty targets the Microsoft-owned platform for improperly using personal data to target users with ads.
Ireland’s Data Protection Commission (DPC) issued the fine, criticising LinkedIn for failing to handle user data lawfully, fairly, and transparently. As LinkedIn’s European headquarters is in Dublin, the DPC acts as the platform’s lead privacy regulator across the EU.
The investigation found LinkedIn lacked a lawful basis to collect personal information for advertising, violating the General Data Protection Regulation (GDPR). Regulators have ordered the company to align its practices with GDPR standards.
LinkedIn maintains it was operating within the rules but confirmed it is adjusting its advertising practices to meet compliance requirements. Deputy Commissioner Graham Doyle stressed that processing data without legal grounds undermines the fundamental right to privacy.
The UK is expected to introduce laws regulating stablecoins within the next few months, according to Circle’s global head of policy, Dante Disparte. Stablecoin usage has surged recently, with the market reaching a record high of nearly $170 billion in Q3 2024, pushing regulators to act.
While the European Union has already implemented its Markets in Crypto-Assets regulation, the UK has been slower to create specific rules. However, recent developments, including a proposal to classify digital assets as personal property, suggest progress is being made.
With clearer regulations, the UK hopes to capitalise on the potential benefits of stablecoins, such as faster payments and innovation in financial services, while addressing risks linked to these digital assets.
The Australian Competition and Consumer Commission (ACCC) is enhancing its cybersecurity capabilities throughout FY25 as part of a broader strategy to improve compliance and maturity in line with the Australian Cyber Security Centre’s Essential Eight framework. The initiative addresses the ACCC’s expanding regulatory role within Australia’s cybersecurity landscape, particularly with the launch of the national anti-scam centre and digital ID, set to take effect on 1 December.
The ACCC will be responsible for accrediting digital ID services, approving participants in the government’s digital ID service, and enforcing compliance regulations, resulting in a heightened workload and increased resource demand. To tackle these challenges, the ACCC aims to elevate its cybersecurity maturity to level two of the Essential Eight framework, prioritising risk management and improvement initiatives.
To strengthen its cybersecurity posture, the uplift will be supported by leveraging various Microsoft technologies, including Active Directory, Group Policy, Defender, Sentinel, and Intune. Recognising the importance of robust defences against cyber threats, the ACCC is committed to allocating the necessary resources to support its enhanced cybersecurity efforts. By elevating its maturity level and effectively managing emerging risks, the ACCC seeks to ensure the resilience of its operations and safeguard consumer interests in an increasingly complex cyber landscape.
Denmark’s Tax Law Council has proposed a bill that could tax unrealised gains and losses on crypto assets, potentially starting in 2026. The Council’s report outlined three possible taxation models, leaning towards “inventory taxation,” where entire portfolios are taxed annually, regardless of asset sales.
The proposed law aims to address perceived unfairness in the current taxation of crypto under the capital gains system. Danish Tax Minister Rasmus Stoklund is keen on clearer rules for crypto assets, though the bill is not expected to be introduced to Parliament until 2025.
If approved, the law would take effect in 2026, aligning Denmark with a global trend of tightening regulations for both crypto and traditional financial assets.
A Londoner who had his phone stolen while walking near the Science Museum believes Google’s new AI security update would have made a big difference. Tyler, whose phone was snatched by a thief on a bike, struggled to lock it remotely as he couldn’t remember his password. The update, which uses AI and sensors to detect when a phone is stolen, would automatically lock the screen to prevent thieves from accessing data.
Google’s new feature allows users to remotely lock a stolen device using just their phone number, a measure welcomed by Tyler as he believes it would have helped him secure his device in moments of panic. The initiative is part of a broader effort to combat phone theft, with mobile phones now accounting for 69% of all thefts in London. Last year, over 11,800 robberies involved phone thefts.
Sadiq Khan, the Mayor of London, also supports the update, having previously lobbied phone companies to make their devices less attractive to criminals. Tech experts say the update’s AI-driven security, combined with the Offline Device Lock feature, will make it harder for thieves to access stolen phones.
Tyler hopes the new technology will deter criminals from stealing phones altogether, as the devices would become worthless once locked. Without resale value, he believes phone thefts will be a waste of time for criminals.
Nexus and Utimaco have joined forces to enhance security for mobile identities, IoT devices, and critical infrastructure. The strategic partnership reflects a commitment to addressing escalating cybersecurity threats, especially as organisations increasingly adopt mobile-first environments and connected devices.
At the core of this collaboration are integrated security solutions that combine Nexus’ Public Key Infrastructure (PKI) platform with Utimaco’s Hardware Security Module (HSM) and encryption technologies. Specifically, these capabilities enable organisations to issue PKI-based mobile identities for secure access and authentication without traditional passwords while simultaneously allowing manufacturers to assign trusted identities to IoT devices during production.
Furthermore, the solutions support compliance with regulations such as VS-NfD and the EU Cyber Resilience Act (CRA), ensuring that sensitive information is protected and mitigating risks associated with counterfeit products and unauthorised access. A practical application of these integrated solutions is already evident in a major European telecommunications provider, which has successfully secured the provisioning and communication of its IoT devices, significantly reducing risks and maintaining regulatory compliance.
That partnership represents a proactive approach to cybersecurity, providing organisations with the tools needed to navigate the complexities of digital identity management and the secure deployment of connected devices. By leveraging each other’s expertise, Nexus and Utimaco aim to deliver robust solutions that enhance user convenience and strengthen overall security measures. As security threats evolve, the collaboration prioritises user flexibility and strong protection, paving the way for a more secure digital landscape.
The US Consumer Financial Protection Bureau (CFPB) introduced new rules to boost open banking by giving consumers more control over their financial data. These regulations will allow people to share their information more freely when seeking services, promoting competition between financial technology companies and traditional banks, which have been slow to grant access to customer data. CFPB Director Rohit Chopra likened the move to the system that lets mobile phone users switch providers while keeping their numbers, noting that it could modernise US payment systems.
The rules include strong privacy protections, ensuring companies can only use consumer data for specific services requested and preventing unauthorised use. They will also enable consumers to transfer their financial data between institutions at no cost, borrow on better terms by sharing data with lenders, and make direct payments from bank accounts. Consumers will also be able to revoke access to their data at any time.
The rules were part of the 2010 Wall Street reforms following the 2008 financial crisis. Smaller banks are exempt, while larger fintech firms have until 2026 to comply, and smaller ones have until 2030. These adjustments were made after feedback from industry stakeholders and the public.
The United States Federal Trade Commission (FTC) has introduced a rule banning the creation, purchase, and dissemination of fake online reviews, ensuring that testimonials are genuine and trustworthy. That includes reviews attributed to people who don’t exist, those generated by AI, or individuals with no real experience with the product or service.
The rule empowers the FTC to impose civil penalties on businesses and individuals knowingly engaging in such deceptive practices, holding violators accountable. By cracking down on fake reviews, the FTC protects consumers from being misled and ensures they can make informed purchasing decisions.
That initiative also promotes fair competition by penalising dishonest companies and supporting those operating with integrity, fostering a transparent and competitive marketplace. Additionally, the FTC’s rule goes beyond fake reviews by prohibiting businesses from using manipulative tactics such as unfounded legal threats, physical intimidation, or false accusations to influence their online reputation.
These measures prevent companies from using unethical strategies to control public perception, ensuring that business reputations are based on genuine consumer feedback, not coercion or deceit. The FTC aims to create a market environment that values honesty and fairness through this comprehensive approach.
Russian government spending on iPhones between January and September was four times higher than during the same period last year, according to Vedomosti. Security warnings and restrictions on some officials have not prevented these purchases.
The Federal Security Service (FSB) last year accused the US of using spyware to compromise thousands of iPhones. Although Apple rejected the claim, officials preparing for the 2024 presidential election were instructed to avoid iPhones over espionage concerns.
Contracts for iPhones totalled 6.9 million roubles for the first nine months of 2024, compared to 1.6 million the previous year. Despite the digital ministry banning iPhones for work purposes, officials and institutions continue to procure them.
Demand for the latest iPhone 16 remains strong, with consumers relying on grey-market imports after Apple halted direct exports due to the conflict in Ukraine. Even with higher prices, interest in Apple products across Russia shows no signs of slowing.
