Amazon faces prospect of EU fine over data privacy. School data breach. A look at Ryuk.

At a glance.

  • Amazon’s European privacy issue.
  • School district data exposed.
  • A look at the Ryuk ransomware operation.

Amazon potentially faces largest GDPR fine ever.

The EU has drafted a decision to fine Amazon $425 million (or roughly 2% of the tech giant’s 2020 net income) for violation of the General Data Protection Regulation (GDPR), the Wall Street Journal reports. The CNPD, Luxembourg’s privacy commission and Amazon’s lead EU privacy regulator (Amazon’s EU headquarters are located in the Grand Duchy), has proposed the sanction for alleged data collection and handling violations. If approved by the EU’s other privacy authorities, this would be the largest fine since the GDPR was implemented in 2018. Though the details of Amazon’s offenses have not been disclosed, the size of the fine signifies a shift in the EU toward holding tech companies to task for their data privacy policies. 

Ireland, which oversees privacy regulations for Facebook, Google, and Apple, also plans to draft decisions for several privacy cases this year.

US school district data exposed in cyberattack.

Union Community School District in the US state of Iowa has disclosed that an intruder gained unauthorized access to its computer systems in April, the Courier reports. The attack temporarily disrupted the district’s servers, and the subsequent investigation found the intruder had accessed school data. “Those documents are currently under review, and the District is committed to providing additional information to the community as quickly as possible,” Superintendent Travis Fleshner explained.

The relentless menace of Ryuk.

The Wall Street Journal offers a profile of the infamous Ryuk ransomware gang, responsible for numerous recent cyberattacks that crippled US medical institutions. The world’s most active ransomware group, Ryuk was tied to a third of the 203 million ransomware attacks in the US last year and raked in at least $100 million in ransom payouts. While some threat groups have avoided targeting vulnerable institutions like hospitals, especially during the pandemic, Ryuk has attacked more than two hundred thirty healthcare providers  (lucrative targets due to their dependence on…