This privacy intelligence digest highlights critical alerts including the Thai PDPC halting iris scans, rights groups challenging ICE’s face recognition program, and the FBI warning about a surge in cybercriminal impersonation resulting in $262M stolen. Also covered are London councils hit by a cyberattack and concerns surrounding Huawei’s surveillance capabilities. Stay informed with these key updates.
Top 5 Critical Privacy Alerts
- Thailand’s PDPC tells firm to halt iris scan service: Thailand’s PDPC orders TIDC Worldverse to halt iris scan services and delete data from 1.2 million people due to cryptocurrency exchange for personal data. Read more
- Rights Organizations Demand Halt to Mobile Fortify, ICE’s Handheld Face Recognition Program: Rights groups demand DHS halt ICE’s Mobile Fortify app, citing privacy violations and potential for wrongful detentions due to face recognition tech. Read more
- FBI: Cybercriminals stole $262M by impersonating bank support teams: The FBI warns of a surge in account takeover (ATO) fraud, with cybercriminals impersonating financial institutions stealing over $262 million this year. Read more
- Two London councils enact emergency plans after being hit by cyber-attack: Two London councils enact emergency plans after a cyber-attack, investigating potential data compromise and shutting down systems as a precaution. Read more
- Huawei and Chinese Surveillance: An excerpt from ‘House of Huawei’ details concerns about Huawei’s early history and its connection to Chinese surveillance. Read more
Regulatory Fines & Enforcement Actions
- Thailand’s PDPC tells firm to halt iris scan service: Thailand’s PDPC orders TIDC Worldverse to halt iris scan services and delete data from 1.2 million people due to cryptocurrency exchange for personal data. Read more
Security
- Microsoft to secure Entra ID sign-ins from script injection attacks — Microsoft will enhance Entra ID security against script injection attacks starting in mid-to-late October 2026. Read more
- ASUS warns of new critical auth bypass flaw in AiCloud routers — ASUS has released firmware patches for nine security vulnerabilities, including a critical authentication bypass flaw in AiCloud routers. Read more
- Passwork 7: Self-hosted password and secrets manager for enterprise teams — Passwork 7 unifies enterprise password and secrets management in a self-hosted platform, offering automation and free trials. Read more
- OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide — A cyberattack on OnSolve CodeRED disrupted emergency notification systems used by state and local governments across the US. Read more
- The Black Friday 2025 Cybersecurity, IT, VPN, & Antivirus Deals — Early Black Friday deals are available across security software, online courses, system administration tools, antivirus products, and VPN services. Read more
- FBI: Cybercriminals stole $262M by impersonating bank support teams: The FBI warns of a surge in account takeover (ATO) fraud, with cybercriminals impersonating financial institutions stealing over $262 million this year. Read more
- Tor switches to new Counter Galois Onion relay encryption algorithm — Tor has announced improved encryption by replacing the tor1 relay encryption algorithm with a new design called Counter Galois Onion (CGO). Read more
Surveillance
- Huawei and Chinese Surveillance: An excerpt from ‘House of Huawei’ details concerns about Huawei’s early history and its connection to Chinese surveillance. Read more
- Rights Organizations Demand Halt to Mobile Fortify, ICE’s Handheld Face Recognition Program: Rights groups demand DHS halt ICE’s Mobile Fortify app, citing privacy violations and potential for wrongful detentions due to face recognition tech. Read more
Biometrics
- Thailand’s PDPC tells firm to halt iris scan service: Thailand’s PDPC orders TIDC Worldverse to halt iris scan services and delete data from 1.2 million people due to cryptocurrency exchange for personal data. Read more
