[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"tag:gdpr":3},{"tag":4,"articles":8,"awareness":273,"events":274,"tips":275,"focus_items":276,"total_count":277},{"slug":5,"name":6,"description":7},"gdpr","GDPR","EU General Data Protection Regulation",[9,18,27,36,44,52,60,69,78,87,96,105,114,123,132,139,148,157,166,174,183,192,201,210,218,224,232,240,248,256,265],{"id":10,"title":11,"slug":12,"brief":13,"ai_summary":14,"url":15,"image_url":16,"published_at":17},"7c8582f5-6a9e-485c-9795-2cbe4c4970f5","Stych Allegedly Breached: 1.34M Customer Database Entries Exposed from French Mobility Service Records","stych-allegedly-breached-1-34m-customer-database-entries-exposed-from-french-mob-d4f79a","Threat actor claims breach of Stych French driving school platform exposing 1.34M customer records.","A threat actor using the moniker ActorLagui allegedly breached Stych, a French mobility training and driving school platform, and is offering a database dump containing 1.34M customer records for sale. The exposed dataset includes personally identifiable information such as names, email addresses, phone numbers, postal codes, birthdates, nationalities, and driver training\u002Flicense attributes. The breach was reported on May 14, 2026, and the threat actor claims the data is fresh and unprocessed.","https:\u002F\u002Fdarkwebinformer.com\u002Fstych-allegedly-breached-1-34m-customer-database-entries-exposed-from-french-mobility-service-records\u002F","https:\u002F\u002Fstorage.ghost.io\u002Fc\u002F6b\u002F16\u002F6b16ac9c-cd67-432f-b0f3-bbec941084ff\u002Fcontent\u002Fimages\u002F2026\u002F05\u002F92378956298376598237569827356986723467894.png","2026-05-15T17:52:31+00:00",{"id":19,"title":20,"slug":21,"brief":22,"ai_summary":23,"url":24,"image_url":25,"published_at":26},"6bb7e530-caaf-45e1-aa54-d368c48be039","‼️🇫🇷 École Française de Comptabilité allegedly breached: 41 GB and 60,683 student, teacher, and...","ecole-francaise-de-comptabilite-allegedly-breached-41-gb-and-60-683-student-teac-db1e69","École Française de Comptabilité suffers alleged breach exposing 41 GB of student, teacher, and bank documents.","A threat actor is selling 41 GB of data containing 60,683 PDF files allegedly stolen from École Française de Comptabilité, a French distance learning institution. The breach includes sensitive documents belonging to students, teachers, and contains bank-related information. This represents a significant data exposure incident affecting hundreds of individuals at the educational institution.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2054936441973551536","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHISZuhWXIAA1zrw.jpg","2026-05-14T14:46:41+00:00",{"id":28,"title":29,"slug":30,"brief":31,"ai_summary":32,"url":33,"image_url":34,"published_at":35},"8b09315b-fd40-4d47-a089-847c8c24ec60","Meetic Allegedly Leaked Exposing 7 Million User Records From the French Online Dating Platform","meetic-allegedly-leaked-exposing-7-million-user-records-from-the-french-online-d-904e1c","Meetic dating platform allegedly leaked 7.2M user records via threat actor NormalLeVrai.","A threat actor using the handle NormalLeVrai claims to have breached Meetic, a major French online dating platform, and released 7,169,561 user records for free under the hashtag #freebreach3d. The leaked dataset includes usernames, emails, registration channels, IP addresses, partial profile data, and account metadata spanning back to 2010–2011. The breach affects a significant French consumer platform and likely triggers GDPR notification and investigation obligations.","https:\u002F\u002Fdarkwebinformer.com\u002Fmeetic-allegedly-leaked-exposing-7-million-user-records-from-the-french-online-dating-platform\u002F","https:\u002F\u002Fstorage.ghost.io\u002Fc\u002F6b\u002F16\u002F6b16ac9c-cd67-432f-b0f3-bbec941084ff\u002Fcontent\u002Fimages\u002F2026\u002F05\u002F723879542798356982763598723598767.png","2026-05-08T16:10:51+00:00",{"id":37,"title":38,"slug":39,"brief":40,"ai_summary":41,"url":42,"image_url":43,"published_at":35},"6cc62de9-5fa1-4d00-994d-ce7177fdda93","‼️🇫🇷 Meetic Allegedly Leaked Exposing 7 Million User Records From the French Online Dating Plat...","meetic-allegedly-leaked-exposing-7-million-user-records-from-the-french-online-d-33fd1f","Meetic French dating platform allegedly leaked 7 million user records.","A significant data breach has been reported involving Meetic, a major French online dating platform, with approximately 7 million user records allegedly exposed. The leaked data likely includes personal and potentially sensitive information from users of the platform. This incident raises GDPR compliance concerns given the platform's EU-based operations and the scale of personal data involved.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2052783295897780408",null,{"id":45,"title":46,"slug":47,"brief":48,"ai_summary":49,"url":50,"image_url":43,"published_at":51},"ae2bf6e5-586c-4593-8ad2-a6eaaffdf744","‼️🇫🇷 LDLC Allegedly Leaked Exposing 1.5 Million Customer Records From the French Tech Retailer...","ldlc-allegedly-leaked-exposing-1-5-million-customer-records-from-the-french-tech-d2441f","LDLC French tech retailer data breach exposes 1.5 million customer records.","LDLC, a major French technology retailer, has allegedly suffered a data breach exposing approximately 1.5 million customer records. The leaked data likely includes personally identifiable information and purchase history. This incident triggers GDPR compliance obligations for the company and notification requirements for affected individuals.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2052772085903077782","2026-05-08T15:26:18+00:00",{"id":53,"title":54,"slug":55,"brief":56,"ai_summary":57,"url":58,"image_url":43,"published_at":59},"86a90418-0f00-48e3-a43b-b15742f326b4","‼️🇧🇪 Belgian Sports\u002FFitness Chain Allegedly Breached Exposing 105K Customer Records With IBAN D...","belgian-sports-fitness-chain-allegedly-breached-exposing-105k-customer-records-w-a7b76c","Belgian sports\u002Ffitness chain breach exposes 105K customer records including IBAN data.","A Belgian sports and fitness chain suffered a data breach exposing approximately 105,000 customer records containing sensitive personal and financial information, including IBAN (International Bank Account Number) data. The breach appears to have been disclosed publicly, raising significant privacy and regulatory concerns under GDPR. Customer financial information exposure creates immediate risk for fraud and identity theft.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2052397589123731769","2026-05-07T14:38:11+00:00",{"id":61,"title":62,"slug":63,"brief":64,"ai_summary":65,"url":66,"image_url":67,"published_at":68},"239a0f24-b591-4ab0-b8b2-bedd1ae8a027","‼️🇫🇷 CAF (Caisse d'Allocations Familiales) allegedly breached exposing 22 million records\n\nThe...","caf-caisse-d-allocations-familiales-allegedly-breached-exposing-22-million-recor-39cc66","French CAF agency allegedly breached; 22M records exposed by eztocard actor.","Threat actor eztocard claims to have breached Caisse d'Allocations Familiales (CAF), France's family allowance agency, exposing approximately 22 million records in a 15.35 GB JSON dataset. The leaked records reportedly contain extensive personal and demographic information. This represents a significant breach of sensitive government social welfare data affecting millions of French citizens.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2052036423843209395","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHpMP-eXIAk_5JD.jpg","2026-05-06T14:43:03+00:00",{"id":70,"title":71,"slug":72,"brief":73,"ai_summary":74,"url":75,"image_url":76,"published_at":77},"4a95dd15-ce70-476a-8c95-39c7babbf822","‼️🇫🇷 La Redoute, a major French e-commerce and home goods retailer, has allegedly been scraped,...","la-redoute-a-major-french-e-commerce-and-home-goods-retailer-has-allegedly-been--abce8a","La Redoute confirms scraping of 96,191 customer shipment records by Lagui threat actor.","French e-commerce retailer La Redoute has had a dataset of 96,191 customer expedition (shipment) records scraped and leaked by threat actor Lagui. The incident exposes sensitive customer shipping data. As a French entity, the breach likely triggers GDPR notification and investigation obligations.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2051384398826848268","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHf7PFoWEAArNdF.jpg","2026-05-04T19:32:08+00:00",{"id":79,"title":80,"slug":81,"brief":82,"ai_summary":83,"url":84,"image_url":85,"published_at":86},"cd12b9fd-c3d8-4a0b-a838-8dfce50948f9","‼️🇫🇷 Actradis (https:\u002F\u002Ft.co\u002FakXT4thF3G), a French B2B compliance and administrative document ma...","actradis-https-t-co-akxt4thf3g-a-french-b2b-compliance-and-administrative-docume-18889c","French B2B compliance platform Actradis suffers data scrape affecting 305,000+ records.","Actradis, a French B2B platform for compliance and administrative document management, has been scraped with over 305,000 records leaked in two distinct files. The threat actor Lagui is attributed to the incident. The breach exposes sensitive compliance and administrative data from French businesses.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2051003046189031737","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHagZM1XcAANjnS.jpg","2026-05-03T18:16:46+00:00",{"id":88,"title":89,"slug":90,"brief":91,"ai_summary":92,"url":93,"image_url":94,"published_at":95},"8f878561-db3f-4b66-a09a-753e066fb733","‼️🇫🇷 https:\u002F\u002Ft.co\u002FczppXO8djQ, a French government health-related platform, has allegedly been b...","https-t-co-czppxo8djq-a-french-government-health-related-platform-has-allegedly--4fccf7","French government health platform breached; 233,837 records leaked with taunt to authorities.","A French government health-related platform was breached, exposing 233,837 user records. The threat actor, claiming the name 'Anssi,' publicly leaked the data alongside a message taunting French authorities and ANSSI (the French cybersecurity agency). The incident highlights vulnerabilities in critical government health infrastructure and represents a potential GDPR violation.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2050721263631429805","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHWfxN9aEAA1ukM.jpg","2026-05-02T23:37:04+00:00",{"id":97,"title":98,"slug":99,"brief":100,"ai_summary":101,"url":102,"image_url":103,"published_at":104},"2af49dab-7138-448c-85ea-1757f837ab77","APD\u002FGBA (Belgium) - 86\u002F2026","apd-gba-belgium-86-2026-167f7e","Belgian DPA fines employer €8,500 for unlawfully retaining former employee email and accessing private communications.","The Belgian Data Protection Authority (APD\u002FGBA) issued a decision against an employer that systematically retained former employees' email addresses and mailboxes for up to three years, accessing private communications without legal basis. The DPA found violations of GDPR Articles 5(1)(a), 6(1), 12, 17, 24, and 25, and rejected the employer's claims of consent and legitimate interest. The DPA imposed an €8,500 fine and ordered immediate deletion of the data with proof of compliance within 30 days.","https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=APD\u002FGBA_(Belgium)_-_86\u002F2026&diff=51538&oldid=51529","https:\u002F\u002Fgdprhub.eu\u002Fimages\u002F4\u002F44\u002FLogoBE.png","2026-04-29T10:12:32+00:00",{"id":106,"title":107,"slug":108,"brief":109,"ai_summary":110,"url":111,"image_url":112,"published_at":113},"77604e3c-edf7-4d16-9742-e21334c135a9","‼️🇫🇷 https:\u002F\u002Ft.co\u002FrxTlgFcNQI, a French short-term rental \u002F property booking platform, has alleg...","https-t-co-rxtlgfcnqi-a-french-short-term-rental-property-booking-platform-has-a-7e0677","French rental platform breached; 53,000 records leaked by ChimeraZ on cybercrime forum.","A French short-term rental and property booking platform suffered a data breach resulting in the exposure of 53,000 records. The threat actor ChimeraZ claimed responsibility and published the leaked database on a popular cybercrime forum. The incident raises GDPR compliance concerns given the platform's EU jurisdiction and handling of user personal data.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2048438483119726653","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHG2D7DHbUAADnAV.jpg","2026-04-26T16:26:07+00:00",{"id":115,"title":116,"slug":117,"brief":118,"ai_summary":119,"url":120,"image_url":121,"published_at":122},"f78c47e4-245e-4536-936a-1f27ebaa1047","‼️🇫🇷 A threat actor is selling a dataset allegedly obtained from Bodyhit Club (https:\u002F\u002Ft.co\u002Fi6j...","a-threat-actor-is-selling-a-dataset-allegedly-obtained-from-bodyhit-club-https-t-e15186","Threat actor selling dataset of 218K Bodyhit Club customers including names, birthdates, emails, and phone numbers.","A threat actor is offering for sale a dataset allegedly stolen from Bodyhit Club, a French fitness club operator, affecting approximately 218,542 customers. The breach includes sensitive personal data such as full names, birthdates, email addresses, and phone numbers. This incident potentially violates GDPR obligations for data protection and breach notification.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2047400380062134350","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHGnTxrdXUAA2_fl.jpg","2026-04-23T19:41:04+00:00",{"id":124,"title":125,"slug":126,"brief":127,"ai_summary":128,"url":129,"image_url":130,"published_at":131},"12825b3c-c21b-47e4-9ac7-2536538f6029","French Basketball Federation Breached, 1.9 Million Members and 800K Parents Exposed With Addresses, Medical Certificates, and Minor Data","french-basketball-federation-breached-1-9-million-members-and-800k-parents-expos-a7e9e2","French Basketball Federation breached; 1.9M members and 800K parents' personal data exposed by HexDex.","The French Basketball Federation (FFBB) suffered a major data breach affecting 1.9 million members and approximately 800,000 parents, with threat actor HexDex now selling the compromised dataset on the dark web. The exposed data includes full names, dates of birth, home addresses, phone numbers, email addresses, licence numbers, medical certificate information, player physical measurements, and parent contact details for minors. The breach raises significant GDPR and French health data protection concerns, particularly given the exposure of sensitive information on underage athletes and their families.","https:\u002F\u002Fdarkwebinformer.com\u002Ffrench-basketball-federation-breached-1-9-million-members-and-800k-parents-exposed-with-addresses-medical-certificates-and-minor-data\u002F","https:\u002F\u002Fstorage.ghost.io\u002Fc\u002F6b\u002F16\u002F6b16ac9c-cd67-432f-b0f3-bbec941084ff\u002Fcontent\u002Fimages\u002F2026\u002F04\u002F239786598723459876125987612987454.png","2026-04-17T16:57:56+00:00",{"id":133,"title":134,"slug":135,"brief":136,"ai_summary":137,"url":138,"image_url":43,"published_at":131},"9dad9f85-356e-4c18-941d-f810a9d5a8ac","‼️🇫🇷 French Basketball Federation Breached, 1.9 Million Members and 800K Parents Exposed With A...","french-basketball-federation-breached-1-9-million-members-and-800k-parents-expos-05466b","French Basketball Federation breached; 1.9M members and 800K parents' personal and medical data exposed.","The French Basketball Federation suffered a data breach exposing personal information for approximately 1.9 million members and 800,000 parents, including addresses, medical certificates, and data on minors. The incident represents a significant privacy violation under GDPR, affecting a large portion of France's basketball community. The breach included sensitive medical and identity information that poses identity theft and privacy risks to affected individuals.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2045184998517436872",{"id":140,"title":141,"slug":142,"brief":143,"ai_summary":144,"url":145,"image_url":146,"published_at":147},"3bf6750d-44fe-42f1-a5ac-e498aea48752","What to do When Your AI Guardrails Fail","what-to-do-when-your-ai-guardrails-fail-ba511b","Microsoft 365 Copilot bug bypassed DLP policies and sensitivity labels for weeks, exposing confidential emails.","A bug in Microsoft 365 Copilot (CW1226324) allowed the AI to read and summarize confidential emails in Sent Items and Drafts folders despite sensitivity labels and Data Loss Prevention policies being correctly configured. The incident exposed a critical architectural flaw: all governance controls lived within the same platform as Copilot, creating a single point of failure with no independent detection layer. The article argues organizations must implement defense-in-depth AI governance with independent data layers rather than trusting vendor-provided controls alone.","https:\u002F\u002Fwww.itsecurityguru.org\u002F2026\u002F04\u002F16\u002Fwhat-to-do-when-your-ai-guardrails-fail\u002F?utm_source=rss&utm_medium=rss&utm_campaign=what-to-do-when-your-ai-guardrails-fail","https:\u002F\u002Fwww.itsecurityguru.org\u002Fwp-content\u002Fuploads\u002F2026\u002F04\u002FAnthony-Young.png","2026-04-16T16:21:11+00:00",{"id":149,"title":150,"slug":151,"brief":152,"ai_summary":153,"url":154,"image_url":155,"published_at":156},"5c7d3a61-2acd-4264-bbb4-2eb713b35317","Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu","hidden-passenger-how-taboola-routes-logged-in-banking-sessions-to-temu-e84425","Taboola pixel redirects logged-in banking sessions to Temu tracking without consent or knowledge.","During a February 2026 audit of a European financial platform, security researchers discovered that an approved Taboola pixel was silently redirecting authenticated banking users to a Temu tracking endpoint via a 302 redirect chain, complete with credentials headers. The redirect chain exploited a \"first-hop bias\" vulnerability in WAFs, CSP policies, and static analyzers, which only validate the declared origin (Taboola) but fail to inspect runtime destinations. This constitutes GDPR transparency violations (Art. 13) and potential data transfer violations (Chapter V), plus PCI DSS Req. 6.4.3 breaches, as users were never informed and the fourth-party relationship involved non-adequate jurisdictions.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F04\u002Fhidden-passenger-how-taboola-routes.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEiaSzIRGweO7UJkqOLQTUDsqPy53XtIWCzyLklGJLfFxhneZiFpxg8zJRXukUqEsT4TbdFwUZbvTfwuexfGuiYjcDQ-iZDjqwZ2lDlCIhgopZWevBpdi4rr6GxgXpU6MmFnzdMpq_WGdA9PRfaNw_7eDAOugAV1tccfmREgbXveM1N15G2_L9lFxCq1Pv0\u002Fs1600\u002Freflectiz.jpg","2026-04-16T10:30:00+00:00",{"id":158,"title":159,"slug":160,"brief":161,"ai_summary":162,"url":163,"image_url":164,"published_at":165},"ffd45738-cf5d-4fa6-b5ef-a992be978626","CA Luxembourg - 52757C","ca-luxembourg-52757c-2826ae","Luxembourg court annuls €746M Amazon GDPR fine, orders reassessment of fault and proportionality.","The Luxembourg High Administrative Court annulled a €746 million fine imposed by the CNPD (Luxembourg Data Protection Authority) against Amazon for unlawful personal data processing for targeted advertising. While confirming that Amazon violated GDPR Articles 6, 12-17, and 21, the court found procedural shortcomings: the CNPD failed to assess whether infringements were intentional or negligent, and did not properly apply proportionality principles when determining the penalty. The case has been remitted to the CNPD for reassessment of fault and proportionality before imposing any new sanction.","https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=CA_Luxembourg_-_52757C&diff=51335&oldid=51081","https:\u002F\u002Fgdprhub.eu\u002Fimages\u002F4\u002F4c\u002FCourts_logo1.png","2026-04-16T09:04:52+00:00",{"id":167,"title":168,"slug":169,"brief":170,"ai_summary":171,"url":172,"image_url":43,"published_at":173},"bd5fb4ad-e2ee-4e3d-8c78-12a6f97b8555","‼️🇫🇷 France's National ID Agency ANTS Allegedly Breached, 18 Million Citizen Records With Gover...","france-s-national-id-agency-ants-allegedly-breached-18-million-citizen-records-w-5d5f88","France's ANTS national ID agency allegedly breached; 18M citizen records with government-verified identities listed for","France's National ID agency (ANTS) has reportedly suffered a significant data breach exposing approximately 18 million citizen records containing government-verified identity information. The compromised data is allegedly being offered for sale, representing a serious threat to French citizens' privacy and identity security. This incident raises concerns about critical infrastructure protection and compliance with GDPR and NIS2 regulations.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2044088756316045790","2026-04-14T16:21:51+00:00",{"id":175,"title":176,"slug":177,"brief":178,"ai_summary":179,"url":180,"image_url":181,"published_at":182},"c0624769-8c01-481e-b8cb-f0416a4a7c13","‼️🇫🇷 The personal data of 598,154 members of the Logis Hotels ETIK loyalty program, covering bo...","the-personal-data-of-598-154-members-of-the-logis-hotels-etik-loyalty-program-co-940d1a","Logis Hotels ETIK loyalty program data of 598K members exposed on cybercrime forum.","Personal data belonging to 598,154 members of the Logis Hotels ETIK loyalty program, including booking records spanning 2012–2026, has allegedly been compromised and is being offered for sale on a cybercrime forum. The threat actor HexDex is allegedly responsible for the breach. As a French hospitality company, Logis Hotels is subject to GDPR and must notify affected individuals and relevant data protection authorities.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2044068712110588114","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHF39d7ZXQAEOdaz.jpg","2026-04-14T15:02:12+00:00",{"id":184,"title":185,"slug":186,"brief":187,"ai_summary":188,"url":189,"image_url":190,"published_at":191},"5b5cb49a-fdec-4eaf-a071-78dc70458cde","European Gym giant Basic-Fit data breach affects 1 million members","european-gym-giant-basic-fit-data-breach-affects-1-million-members-d55232","Basic-Fit data breach exposes 1 million European gym members' personal data.","Dutch fitness giant Basic-Fit disclosed a cyberattack that compromised personal information for approximately 1 million members across six European countries. The breach exposed names, addresses, email, phone numbers, dates of birth, and bank account details, though passwords and identification documents were not accessed. The company claims the unauthorized access was detected and stopped within minutes, and no data was leaked online.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Feuropean-gym-giant-basic-fit-data-breach-affects-1-million-members\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F04\u002F13\u002FBasicFit.jpg","2026-04-13T21:50:01+00:00",{"id":193,"title":194,"slug":195,"brief":196,"ai_summary":197,"url":198,"image_url":199,"published_at":200},"9375dae7-1d9e-4dbe-b944-d88b5a82f8ca","Eurail says December data breach impacts 300,000 individuals","eurail-says-december-data-breach-impacts-300-000-individuals-8e793b","Eurail discloses December 2025 data breach affecting 308,777 individuals with passport and health data stolen.","Eurail B.V., a Netherlands-based European train pass operator, disclosed a December 2025 data breach affecting 308,777 individuals after attackers stole personal information including names, passport details, ID numbers, IBANs, and health records. The threat actors published a sample of stolen data on Telegram and attempted to sell it on the dark web. The company advised affected customers to monitor accounts, update passwords, and remain vigilant against phishing and fraud.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Feurail-says-december-data-breach-impacts-300-000-individuals\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F04\u002F09\u002FHigh-speed_train_Europe.jpg","2026-04-09T10:31:54+00:00",{"id":202,"title":203,"slug":204,"brief":205,"ai_summary":206,"url":207,"image_url":208,"published_at":209},"b3d070b2-02e6-4a36-88c5-2f38c45bdfc8","LinkedIn secretly scans for 6,000+ Chrome extensions, collects data","linkedin-secretly-scans-for-6-000-chrome-extensions-collects-data","LinkedIn secretly scans 6,000+ Chrome extensions and collects device data via hidden JavaScript.","Microsoft's LinkedIn uses hidden JavaScript fingerprinting scripts to detect over 6,236 browser extensions installed on user devices and collects sensitive system data including CPU, memory, screen resolution, and timezone. The report dubbed \"BrowserGate\" claims LinkedIn uses this covert scanning to identify competitors' users and extract customer lists, though LinkedIn denies misuse and claims the scanning is for platform security and terms-of-service enforcement. BleepingComputer independently confirmed the fingerprinting technique, noting the detected extensions have grown from ~2,000 in 2025 to 6,236 currently.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Flinkedin-secretly-scans-for-6-000-plus-chrome-extensions-collects-data\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2022\u002F07\u002F20\u002Flinkedin.jpg","2026-04-03T20:40:22+00:00",{"id":211,"title":212,"slug":213,"brief":214,"ai_summary":215,"url":216,"image_url":43,"published_at":217},"a71f663b-7a44-412d-ba8f-0fa543ebee41","Rb. Amsterdam - C\u002F13\u002F783613 \u002F KG ZA 26-120","rb-amsterdam-c-13-783613-kg-za-26-120-3","Dutch court bans X's Grok from generating non-consensual intimate and CSAM imagery in Netherlands.","A Dutch court issued a preliminary injunction against X (via Irish entity X Internet Unlimited Company and US X.AI LLC) prohibiting Grok from generating, editing, or distributing non-consensual intimate imagery and child sexual abuse material (CSAM) in the Netherlands. The ruling found that Grok had generated approximately 3 million sexualized images between late December 2025 and early January 2026, including ~23,000 depicting children, and that X's safeguards were insufficient under GDPR and Dutch civil law. The injunction also bars X from offering Grok's image generation functionality as long as such violations persist.","https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=Rb._Amsterdam_-_C\u002F13\u002F783613_\u002F_KG_ZA_26-120&diff=51201&oldid=51196","2026-04-01T10:03:34+00:00",{"id":219,"title":212,"slug":220,"brief":214,"ai_summary":221,"url":222,"image_url":43,"published_at":223},"188846f7-56d7-406d-85e8-0d52e8a93c8d","rb-amsterdam-c-13-783613-kg-za-26-120-2","Amsterdam District Court issued a preliminary injunction against X.AI and X Corp., prohibiting Grok from generating, distributing, or displaying non-consensual sexual imagery and child sexual abuse material (CSAM) within The Netherlands. The court found that X failed to implement sufficient safeguards despite evidence that Grok users can bypass content boundaries, violating GDPR and Dutch Civil Code. The injunction applies to images of Dutch nationals even if distributed outside the country, though the court acknowledged limited international jurisdiction.","https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=Rb._Amsterdam_-_C\u002F13\u002F783613_\u002F_KG_ZA_26-120&diff=51196&oldid=51194","2026-03-31T14:10:42+00:00",{"id":225,"title":226,"slug":227,"brief":228,"ai_summary":229,"url":230,"image_url":43,"published_at":231},"c9263b8e-2394-4cbf-b240-2c88acc37b2f","AEPD (Spain) - EXP202305035","aepd-spain-exp202305035-2","Spain's AEPD fines Orange Espagne €230K for weak eSIM security enabling identity theft.","Spain's data protection authority (AEPD) fined Orange Espagne €230,000 for violating Article 32 GDPR after the company failed to maintain adequate security controls around eSIM duplication requests. An attacker successfully exploited weaknesses in Orange's identity verification process, circumventing security checks and obtaining a duplicate eSIM despite an internal identity theft warning that did not prevent employee issuance. The DPA found this was not an isolated incident but a systemic weakness in the company's security policy.","https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=AEPD_(Spain)_-_EXP202305035&diff=51191&oldid=51180","2026-03-31T12:40:01+00:00",{"id":233,"title":234,"slug":235,"brief":236,"ai_summary":237,"url":238,"image_url":43,"published_at":239},"bcf519d9-51bd-4ed8-90ce-c298a11c897b","‼️🇫🇷 A dataset allegedly containing 689,891 unique member records from the Fédération Française...","a-dataset-allegedly-containing-689-891-unique-member-records-from-the-federation","French kickboxing federation's 689K member records leaked on cybercrime forum","A dataset containing 689,891 member records from the Fédération Française de Savata (French kickboxing federation) is allegedly being sold on a cybercrime forum. The records span from 1977 to 2026 and likely contain personally identifiable information. This represents a significant data breach affecting French citizens and falls under GDPR jurisdiction.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2038699872564470180","2026-03-30T19:28:21+00:00",{"id":241,"title":242,"slug":243,"brief":244,"ai_summary":245,"url":246,"image_url":43,"published_at":247},"ee8510a7-56ef-40b6-ad88-8deca2f51a13","‼️🇫🇷 The database of Syma Mobile, a French mobile operator, has allegedly been leaked on a popu...","the-database-of-syma-mobile-a-french-mobile-operator-has-allegedly-been-leaked-o","Syma Mobile French operator's database with 108k customer records leaked on cybercrime forum.","Syma Mobile, a French mobile operator, suffered a data breach exposing approximately 108,000 customer records on a cybercrime forum as of September 2, 2025. The leaked data includes personally identifiable information such as full names, dates of birth, and phone numbers. The incident falls under GDPR jurisdiction given Syma Mobile's French operations.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2037698016614756572","2026-03-28T01:07:20+00:00",{"id":249,"title":250,"slug":251,"brief":252,"ai_summary":253,"url":254,"image_url":43,"published_at":255},"5b998f73-22e4-469d-8fa8-b1d8c8f35a21","‼️🇫🇷 Personal data of 447,445 members of the Fédération Française de Voile (French Sailing Fede...","personal-data-of-447-445-members-of-the-federation-francaise-de-voile-french-sai","French Sailing Federation member data for 447k people leaked on cybercrime forum.","Personal data belonging to 447,445 members of France's Fédération Française de Voile (FFV) is being sold on a cybercrime forum. The dataset includes 445,829 full addresses, 239,723 email addresses, and phone numbers. This represents a significant privacy breach affecting French citizens and likely triggers GDPR investigation requirements.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2037193357454082079","2026-03-26T15:42:00+00:00",{"id":257,"title":258,"slug":259,"brief":260,"ai_summary":261,"url":262,"image_url":263,"published_at":264},"3ee9d0f3-1e49-4599-95a2-667fc316c431","ICO (UK) - Reddit, Inc","ico-uk-reddit-inc-2","UK ICO fines Reddit £14.5M for unlawful processing of children's personal data.","The UK Information Commissioner's Office (ICO) issued a £14,472,500 fine to Reddit, Inc. for breaching UK GDPR Articles 5, 6, and 8 by processing personal data of children under 13 without parental consent and failing to implement age verification between May 2018 and July 2025. Reddit also failed to conduct required data protection impact assessments for children's data processing. The violations included unfair and non-transparent processing, absence of valid legal basis, and inadequate safeguards for minors on the platform.","https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=ICO_(UK)_-_Reddit,_Inc&diff=51114&oldid=51098","https:\u002F\u002Fgdprhub.eu\u002Fimages\u002Fa\u002Fa4\u002FLogoUK.png","2026-03-25T08:35:19+00:00",{"id":266,"title":267,"slug":268,"brief":269,"ai_summary":270,"url":271,"image_url":43,"published_at":272},"709399a4-f1d1-412f-a4bc-5adfcbb7401f","‼️🇫🇷 Alleged Breach of Allopneus Exposes 453K Customers and 739K Records From France's Leading...","alleged-breach-of-allopneus-exposes-453k-customers-and-739k-records-from-france-","Allopneus breach exposes 453K customers and 739K records from France's leading online tire retailer.","France's largest online tire retailer Allopneus suffered an alleged data breach affecting 453,000 customers and 739,000 records spanning from 2014 to 2026. The breach exposure includes personal and transactional data from over a decade of operations. As a French company processing EU resident data, the incident triggers GDPR notification and investigation obligations.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2036106815532835299","2026-03-23T15:44:28+00:00",[],[],[],[],31]