Today’s privacy digest highlights critical breaches affecting healthcare and online platforms, alongside regulatory scrutiny of Microsoft’s educational tracking. We also cover the implications of AI in surveillance and the evolving landscape of US privacy laws. Stay informed about the key developments shaping data protection and cybersecurity.
Top 5 Critical Privacy Alerts
- Microsoft ‘illegally’ tracked students via 365 Education: Austrian data protection regulator ruled Microsoft illegally tracked students and used their data. Read more
- SimonMed says 1.2 million patients impacted in January data breach: Medical imaging provider SimonMed Imaging is notifying over 1.2 million individuals of a data breach. Read more
- Secure Boot bypass risk threatens nearly 200,000 Linux Framework laptops: Signed UEFI shell components could be exploited to bypass Secure Boot protections. Read more
- SonicWall VPN accounts breached using stolen creds: Threat actors compromised over a hundred SonicWall SSLVPN accounts via stolen credentials. Read more
- LinkedIn Stuck With Three Lawsuits Over Online Data Tracking: LinkedIn faces lawsuits over collecting sensitive information without consent, violating California privacy laws. Read more
Privacy Laws & Regulations
- 2025 Brought Us Eight US “Comprehensive” Privacy Laws: Maryland law (MODPA) went into effect Oct 1st, bringing the US total to 17 (or 16). Read more
- California’s Latest Trio of Privacy Bills: New laws give consumers greater control over personal info, impacting businesses and data brokers. Read more
Data Minimization & User Consent
- LinkedIn Stuck With Three Lawsuits Over Online Data Tracking: LinkedIn faces lawsuits over collecting sensitive information without consent, violating California privacy laws. Read more
- Microsoft ‘illegally’ tracked students via 365 Education: Austrian data protection regulator ruled Microsoft illegally tracked students and used their data. Read more
Regulatory Fines & Enforcement Actions
- Microsoft ‘illegally’ tracked students via 365 Education: Austrian data protection regulator ruled Microsoft illegally tracked students and used their data. Read more
AI
- The Trump Administration’s Increased Use of Social Media Surveillance: Trump administration uses AI to monitor public speech of foreign nationals and revoke visas. Read more
- When AI Agents Join the Teams: The Hidden Security Shifts No One Expects: Autonomous AI agents now open tickets, fix incidents, and make decisions faster than humans. Read more
Breaches
- LinkedIn Stuck With Three Lawsuits Over Online Data Tracking: LinkedIn faces lawsuits over collecting sensitive information without consent, violating California privacy laws. Read more
- SimonMed says 1.2 million patients impacted in January data breach: Medical imaging provider SimonMed Imaging is notifying over 1.2 million individuals of a data breach. Read more
Cybersecurity
- Happy Cyber Awareness Month: October is Cyber Awareness Month, dedicated to raising awareness of cyber security incidents. Read more
- Recapping CMMC Level 2: Considerations for Government Contractors: Contractors handling CUI may need CMMC Level 2 self-assessment for new contracts starting Nov 10, 2025. Read more
- Secure Boot bypass risk threatens nearly 200,000 Linux Framework laptops: Signed UEFI shell components could be exploited to bypass Secure Boot protections. Read more
- Chinese hackers abuse geo-mapping tool for year-long persistence: Chinese hackers used a geo-mapping tool as a web shell for over a year. Read more
- Microsoft restricts IE mode access in Edge after zero-day attacks: Microsoft restricts IE mode access in Edge after zero-day attacks in Chakra JavaScript engine. Read more
- Massive multi-country botnet targets RDP services in the US: A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States. Read more
- SonicWall VPN accounts breached using stolen creds: Threat actors compromised over a hundred SonicWall SSLVPN accounts via stolen credentials. Read more
Microsoft
- Microsoft warns that Windows 10 reaches end of support today: Windows 10 will no longer receive patches for newly discovered security vulnerabilities. Read more
- Microsoft restricts IE mode access in Edge after zero-day attacks: Microsoft restricts IE mode access in Edge after zero-day attacks in Chakra JavaScript engine. Read more
- Microsoft ‘illegally’ tracked students via 365 Education: Austrian data protection regulator ruled Microsoft illegally tracked students and used their data. Read more
Healthcare
- SimonMed says 1.2 million patients impacted in January data breach: Medical imaging provider SimonMed Imaging is notifying over 1.2 million individuals of a data breach. Read more
Surveillance
- The Trump Administration’s Increased Use of Social Media Surveillance: Trump administration uses AI to monitor public speech of foreign nationals and revoke visas. Read more
- Protecting Privacy to Combat Authoritarianism: Surveillance is a powerful tool for authoritarian governments to stifle dissent. Read more
